Overview

overview

10

Static

static

3

4624df7f5f...JC.exe

windows7-x64

10

4624df7f5f...JC.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    4624df7f5fbf5cexeexe_JC.exe

  • Size

    34.9MB

  • Sample

    230715-pssxnsae35

  • MD5

    4624df7f5fbf5c0133f777d8c6732864

  • SHA1

    4a92bbeae541abbc460bdd6eb4dce207f01cfb5e

  • SHA256

    5b5f0b6d45e84aff70945918e8c6e4e352de1ac28f4619facefec207184f9892

  • SHA512

    e3df0f88fc3a8b6b94739c4992381391791458146dc350933ffca54937cc97917b3af7adacdcb488debc2851c84db61f304a0a1820cbf395fad79509190034b7

  • SSDEEP

    786432:/9nGpdhL18fT+64BxYO/eITtxyFuweTJHUwfseQeXtTpvluxiFm/0HB/IlbEw:cpubTkLTTI9wUleXtTptrQ0H8Q

Score
10/10
evasionpersistenceransomwaretrojan

Malware Config

Targets

    • Target

      4624df7f5fbf5cexeexe_JC.exe

    • Size

      34.9MB

    • MD5

      4624df7f5fbf5c0133f777d8c6732864

    • SHA1

      4a92bbeae541abbc460bdd6eb4dce207f01cfb5e

    • SHA256

      5b5f0b6d45e84aff70945918e8c6e4e352de1ac28f4619facefec207184f9892

    • SHA512

      e3df0f88fc3a8b6b94739c4992381391791458146dc350933ffca54937cc97917b3af7adacdcb488debc2851c84db61f304a0a1820cbf395fad79509190034b7

    • SSDEEP

      786432:/9nGpdhL18fT+64BxYO/eITtxyFuweTJHUwfseQeXtTpvluxiFm/0HB/IlbEw:cpubTkLTTI9wUleXtTptrQ0H8Q

    Score
    10/10
    evasionpersistenceransomwaretrojan

    • Modifies WinLogon for persistence

      persistence

    • UAC bypass

      evasiontrojan

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Modifies system executable filetype association

      persistence

    • Adds Run key to start application

      persistence

    • Checks whether UAC is enabled

      evasiontrojan

    • Drops file in System32 directory

    • Sets desktop wallpaper using registry

      ransomware
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks