372d7d8bd828ed7faa303ad829256b4c7934559c602437e5ae2658f2719fb287 | Triage

Submit
Reports

Overview

overview

Static

static

1

redirect.html

windows10-2004-x64

Sharing

General

Target

redirect
Size

6KB
Sample

230521-m93gbscd91
MD5

694680408a881a5e0fcf0566cd84beb8
SHA1

44c7381994767a7ce19ac500a06a331a0c74717e
SHA256

372d7d8bd828ed7faa303ad829256b4c7934559c602437e5ae2658f2719fb287
SHA512

0053d7292766c32ce6ce6fd0452941286a65ca5079f71ec5e94eb635da7bd3d92e09602d91e8937ed2a863273a071a64232ab68bfd756dc7bde14ba43024f563
SSDEEP

192:dVHLxX7777/77QF7U0LCARd4BYjsIIgwOGXJE:dVr5HYW0FjsIdwOGXi

Score

10^/10

evasion persistence ransomware trojan

Static task

static1

Behavioral task

behavioral1

Sample

redirect.html

Resource

win10v2004-20230220-en

evasion persistence ransomware trojan

windows10-2004-x64

17 signatures

1800 seconds

Malware Config

Targets

- Target
  
  redirect
- Size
  
  6KB
- MD5
  
  694680408a881a5e0fcf0566cd84beb8
- SHA1
  
  44c7381994767a7ce19ac500a06a331a0c74717e
- SHA256
  
  372d7d8bd828ed7faa303ad829256b4c7934559c602437e5ae2658f2719fb287
- SHA512
  
  0053d7292766c32ce6ce6fd0452941286a65ca5079f71ec5e94eb635da7bd3d92e09602d91e8937ed2a863273a071a64232ab68bfd756dc7bde14ba43024f563
- SSDEEP
  
  192:dVHLxX7777/77QF7U0LCARd4BYjsIIgwOGXJE:dVr5HYW0FjsIdwOGXi
Score

10^/10

evasion persistence ransomware trojan
- Modifies WinLogon for persistence
  persistence
- UAC bypass
  evasion trojan
- Disables RegEdit via registry modification
  evasion
- Drops desktop.ini file(s)
- Legitimate hosting services abused for malware hosting/C2
- Sets desktop wallpaper using registry
  ransomware
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Modify Registry

Web Service

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Defacement

Tasks

static1

behavioral1

evasionpersistenceransomwaretrojan

© 2018-2024

Terms | Privacy