90c72f3e02ae7a7811e1c73e1694ab2a89df2a960d858acc4230c025d2e63010 | Triage

Submit
Reports

Overview

overview

Static

static

1

Build 29.exe

windows10-2004-x64

Resubmissions

21/04/2023, 18:03

230421-wnchfshb99 10

15/04/2023, 20:14

230415-yzz41ahb5z 10

Sharing

General

Target

Build 29.exe
Size

1000KB
Sample

230421-wnchfshb99
MD5

5e2555aafd40aa3759356ba7d0d4bf94
SHA1

7a0efbc6eced21266b4dde7917b56786bbff4d72
SHA256

90c72f3e02ae7a7811e1c73e1694ab2a89df2a960d858acc4230c025d2e63010
SHA512

806e44614c0277ea069024243a2e3f17a66236ad9c6764c632689027d406f844c8d4c06a764e03bd4e65d77de595894e8e4df4f8ed9edcc8017629ade701f85e
SSDEEP

24576:pLllLl7CEtNeO/zwj6WM1ZfBelVVqCC1iMs16AQ:BllLtg8nWKG0CCb0XQ

Score

10^/10

evasion ransomware trojan

Static task

static1

Behavioral task

behavioral1

Sample

Build 29.exe

Resource

win10v2004-20230221-en

evasion ransomware trojan

windows10-2004-x64

20 signatures

600 seconds

Malware Config

Targets

- Target
  
  Build 29.exe
- Size
  
  1000KB
- MD5
  
  5e2555aafd40aa3759356ba7d0d4bf94
- SHA1
  
  7a0efbc6eced21266b4dde7917b56786bbff4d72
- SHA256
  
  90c72f3e02ae7a7811e1c73e1694ab2a89df2a960d858acc4230c025d2e63010
- SHA512
  
  806e44614c0277ea069024243a2e3f17a66236ad9c6764c632689027d406f844c8d4c06a764e03bd4e65d77de595894e8e4df4f8ed9edcc8017629ade701f85e
- SSDEEP
  
  24576:pLllLl7CEtNeO/zwj6WM1ZfBelVVqCC1iMs16AQ:BllLtg8nWKG0CCb0XQ
Score

10^/10

evasion ransomware trojan
- UAC bypass
  evasion trojan
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Checks whether UAC is enabled
  evasion trojan
- Sets desktop wallpaper using registry
  ransomware
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Bypass User Account Control

Scheduled Task

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Defacement

Tasks

static1

behavioral1

evasionransomwaretrojan

© 2018-2025

Terms | Privacy