7c1b4faa8f4f16ec72f9bd1004328118e439bdb8b9dff10517511259a7ffce1f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

palladins.exe
Size

155KB
Sample

230412-q4jntacf89
MD5

5decb43f4c0a36663e2b0d1610233f8a
SHA1

761675a45c81264d5c7b614042952c1c1dad167a
SHA256

7c1b4faa8f4f16ec72f9bd1004328118e439bdb8b9dff10517511259a7ffce1f
SHA512

545aa55135e35491fa5af381835327ed0f954d0f2a45a899fd1d7c2d5dd22dac6dc7148c39d88166fb77d25a8e466fa899f8a9b5d477f472c0c660d17342d27a
SSDEEP

3072:m7DhdC6kzWypvaQ0FxyNTBfgb2zKDSs96vHPR4zImTRPDTS:mBlkZvaF4NTBoSzAZoPRgIGTS

Score

8^/10

ransomware

Malware Config

Targets

- Target
  
  palladins.exe
- Size
  
  155KB
- MD5
  
  5decb43f4c0a36663e2b0d1610233f8a
- SHA1
  
  761675a45c81264d5c7b614042952c1c1dad167a
- SHA256
  
  7c1b4faa8f4f16ec72f9bd1004328118e439bdb8b9dff10517511259a7ffce1f
- SHA512
  
  545aa55135e35491fa5af381835327ed0f954d0f2a45a899fd1d7c2d5dd22dac6dc7148c39d88166fb77d25a8e466fa899f8a9b5d477f472c0c660d17342d27a
- SSDEEP
  
  3072:m7DhdC6kzWypvaQ0FxyNTBfgb2zKDSs96vHPR4zImTRPDTS:mBlkZvaF4NTBoSzAZoPRgIGTS
Score

8^/10

ransomware
- Blocklisted process makes network request
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Defacement

Tasks

static1

behavioral1

behavioral2