947ce65c823b1d88fa415e1126bc38e672f015e35e3b04206d1beecbfe0aaeae | Triage

Sharing

General

Target

7ff76e0a60b5dcexeexeexeex.exe
Size

239KB
Sample

230708-y98twsaa89
MD5

7ff76e0a60b5dc2a584ebf7fece71af2
SHA1

75246bf8430ba42b38068ed370f05d1e19b66a6d
SHA256

947ce65c823b1d88fa415e1126bc38e672f015e35e3b04206d1beecbfe0aaeae
SHA512

14fa3588cf8dcc2070c16421e8edfe4a8a693771029cb46a0ed0d96e626348d3e3f4217aea6b80b3e1c3f8bbd65c7581942bba7bf93b8aba97305a760cedfabf
SSDEEP

6144:stGCgnziB9sHh5A31HQa8qR23aC9ysQE9xFnIfJrdxpxOT025pX/b/Uo:eobAlh7GV9rDogQ

Score

10^/10

evasion persistence ransomware spyware stealer trojan

Malware Config

Targets

- Target
  
  7ff76e0a60b5dcexeexeexeex.exe
- Size
  
  239KB
- MD5
  
  7ff76e0a60b5dc2a584ebf7fece71af2
- SHA1
  
  75246bf8430ba42b38068ed370f05d1e19b66a6d
- SHA256
  
  947ce65c823b1d88fa415e1126bc38e672f015e35e3b04206d1beecbfe0aaeae
- SHA512
  
  14fa3588cf8dcc2070c16421e8edfe4a8a693771029cb46a0ed0d96e626348d3e3f4217aea6b80b3e1c3f8bbd65c7581942bba7bf93b8aba97305a760cedfabf
- SSDEEP
  
  6144:stGCgnziB9sHh5A31HQa8qR23aC9ysQE9xFnIfJrdxpxOT025pX/b/Uo:eobAlh7GV9rDogQ
Score

10^/10

evasion persistence ransomware spyware stealer trojan
- Modifies visibility of file extensions in Explorer
  evasion
- UAC bypass
  evasion trojan
- Modifies extensions of user files
  Ransomware generally changes the extension on encrypted files.
  ransomware
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Hidden Files and Directories

Modify Registry

Credential Access

Credentials in Files

Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistenceransomwarespywarestealertrojan

behavioral2

evasionpersistencetrojan