Overview

overview

9

Static

static

3

InSenSe.exe

windows10-2004-x64

9

Resubmissions

08/06/2023, 18:32

230608-w641esad2z 9

08/06/2023, 18:29

230608-w4yevsac9y 9

Sharing

Copy URL Twitter E-mail

General

  • Target

    InSenSe.exe

  • Size

    14.0MB

  • Sample

    230608-w641esad2z

  • MD5

    3b19ae1b0bb4492a2a42c128aff96623

  • SHA1

    13bd5613192e331713e4c2569874419a93718b1a

  • SHA256

    be97a795e5731eac85fc77c155736963934b225c72ea9e69d6ec6339dc6d905d

  • SHA512

    9697703c1e2e2ea86b87bdb90649b40f697993f87caf1daf37e75b9f1b406fd6d31bf628b7b4f9625cb9bc57b29521bca2dde90d34eac4bfc7a77841af52962f

  • SSDEEP

    196608:yrSseyd1M+h8WpWLsLBJGvYdQmkgSseyd1M+h8WpWLsLBJGvYdQXWv:gkp+h8Kf9EvYdQm9kp+h8Kf9EvYdQ

Score
9/10
persistenceransomware

Malware Config

Targets

    • Target

      InSenSe.exe

    • Size

      14.0MB

    • MD5

      3b19ae1b0bb4492a2a42c128aff96623

    • SHA1

      13bd5613192e331713e4c2569874419a93718b1a

    • SHA256

      be97a795e5731eac85fc77c155736963934b225c72ea9e69d6ec6339dc6d905d

    • SHA512

      9697703c1e2e2ea86b87bdb90649b40f697993f87caf1daf37e75b9f1b406fd6d31bf628b7b4f9625cb9bc57b29521bca2dde90d34eac4bfc7a77841af52962f

    • SSDEEP

      196608:yrSseyd1M+h8WpWLsLBJGvYdQmkgSseyd1M+h8WpWLsLBJGvYdQXWv:gkp+h8Kf9EvYdQm9kp+h8Kf9EvYdQ

    Score
    9/10
    persistenceransomware

    • Deletes shadow copies

      Ransomware often targets backup files to inhibit system recovery.

      ransomware

    • Sets service image path in registry

      persistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Drops file in System32 directory

    behavioral1

MITRE ATT&CK Enterprise v6

Tasks