royal | 5843e3a65830a8f2ce2c28a484f94049f81790516d8fada0f198f58fc95f49a0 | Triage

Submit
Reports

Overview

overview

Static

static

windows_encryptor.exe

windows7-x64

9

windows_encryptor.exe

windows10-2004-x64

1

Sharing

General

Target

windows_encryptor.ex
Size

2.1MB
Sample

230324-skk4mshc6z
MD5

e72424408e6441d0f362cd9946c6cc60
SHA1

65cbfe67462ed01463903b13eda1caa10d5babcf
SHA256

5843e3a65830a8f2ce2c28a484f94049f81790516d8fada0f198f58fc95f49a0
SHA512

05476ceee021edbcfccae507f08aebc5dfa72d3de41b38ca8892bd4ee7e9545d753f761d360902e93444a453af473f46f3cc20068bf817f5599967cbc8cfa4e7
SSDEEP

49152:AKdKdhwcjW7oPlIFP2a8cTPBn+zOkLH4Gh0LKUm:AKdQheoPOx8Mnbk

Score

10^/10

royal ransomware

Static task

static1

ransomware royal

2 signatures

Behavioral task

behavioral1

Sample

windows_encryptor.exe

Resource

win7-20230220-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

windows_encryptor.exe

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

Malware Config

Targets

- Target
  
  windows_encryptor.ex
- Size
  
  2.1MB
- MD5
  
  e72424408e6441d0f362cd9946c6cc60
- SHA1
  
  65cbfe67462ed01463903b13eda1caa10d5babcf
- SHA256
  
  5843e3a65830a8f2ce2c28a484f94049f81790516d8fada0f198f58fc95f49a0
- SHA512
  
  05476ceee021edbcfccae507f08aebc5dfa72d3de41b38ca8892bd4ee7e9545d753f761d360902e93444a453af473f46f3cc20068bf817f5599967cbc8cfa4e7
- SSDEEP
  
  49152:AKdKdhwcjW7oPlIFP2a8cTPBn+zOkLH4Gh0LKUm:AKdQheoPOx8Mnbk
Score

9^/10

ransomware
- Deletes shadow copies
  Ransomware often targets backup files to inhibit system recovery.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File Deletion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Inhibit System Recovery

Tasks

static1

ransomwareroyal

behavioral1

behavioral2

© 2018-2024

Terms | Privacy