Resubmissions

15-04-2023 06:36

230415-hdbaraeh2x 1

15-04-2023 01:31

230415-bxezqacf49 8

General

  • Target

    StandingOvationGIF.gif

  • Size

    2.1MB

  • Sample

    230415-bxezqacf49

  • MD5

    1c6943c372187ed186416b895f4eb06c

  • SHA1

    5629882515315c3d05bd85d08845add0d7d43b83

  • SHA256

    a4cfee2fc54c57a3a213ac3932a31382b01e4668adf4c478bc460b6088abf7eb

  • SHA512

    e65d0a97a31de0d8d163af469c013844aaf0cbfd98a301d20f3aa5fc077557746426a4e35220850bbbb6a5e143aa999a62ef6b318bde55afa855a15c1ba86327

  • SSDEEP

    49152:M3p5eqstIUiSsGyiQxOO6cGWEsKTMV5kz36SB0z/cEEl:yjjst9s1iQYzcnEVQKXicd

Score
8/10

Malware Config

Targets

    • Target

      StandingOvationGIF.gif

    • Disables Task Manager via registry modification

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Legitimate hosting services abused for malware hosting/C2

    • Sets desktop wallpaper using registry
