73cb87faef2c3ecb0302862632490bd72bf4adcb6266c912ba991396a8b4b073 | Triage

Sharing

General

Target

73cb87faef2c3ecb0302862632490bd72bf4adcb6266c912ba991396a8b4b073
Size

406KB
Sample

230327-j5rbqaee4t
MD5

392f56d7c7b640affaae2e99410f3ec7
SHA1

bcbe1b37f5c6712f21fe2b8cdfe030e55b235a1b
SHA256

73cb87faef2c3ecb0302862632490bd72bf4adcb6266c912ba991396a8b4b073
SHA512

386e65e25015a5badf2f77e7c46413d71022a58877011caacc9e53229c3242d5c84803122841578e6af79a4856364498aa05239b2dd3ef64439c1bbc2e5450dc
SSDEEP

12288:kAqRal1A2gsWn18XIGapIAy83rNa+rid0:kxkJ45G9F8A+R

Score

9^/10

persistence ransomware

Malware Config

Targets

- Target
  
  73cb87faef2c3ecb0302862632490bd72bf4adcb6266c912ba991396a8b4b073
- Size
  
  406KB
- MD5
  
  392f56d7c7b640affaae2e99410f3ec7
- SHA1
  
  bcbe1b37f5c6712f21fe2b8cdfe030e55b235a1b
- SHA256
  
  73cb87faef2c3ecb0302862632490bd72bf4adcb6266c912ba991396a8b4b073
- SHA512
  
  386e65e25015a5badf2f77e7c46413d71022a58877011caacc9e53229c3242d5c84803122841578e6af79a4856364498aa05239b2dd3ef64439c1bbc2e5450dc
- SSDEEP
  
  12288:kAqRal1A2gsWn18XIGapIAy83rNa+rid0:kxkJ45G9F8A+R
Score

9^/10

persistence ransomware
- Deletes shadow copies
  Ransomware often targets backup files to inhibit system recovery.
  ransomware
- Adds Run key to start application
  persistence
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

File Deletion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Inhibit System Recovery

Defacement

Tasks

static1

behavioral1

behavioral2

persistenceransomware