dfea0a5e7ea1dc011b78d284d236ca9b510d7a567fd39db32315e97cba0294f1 | Triage

Sharing

General

Target

b3af1b3975307f_JC.exe
Size

20.0MB
Sample

230718-p64w4aad55
MD5

b3af1b3975307f9ac4719a7384ea361e
SHA1

e18f396f1db2244ec4cdeb06815e220632dbb959
SHA256

dfea0a5e7ea1dc011b78d284d236ca9b510d7a567fd39db32315e97cba0294f1
SHA512

bbb5d0cb5567d550adfe3ef3477a1f69645b895db13cbaabbfe8b4c7a1f3cc6597a451b168f72aada4a1205aaa2986de303c409c3efaca21dd0b4ce7ac046153
SSDEEP

196608:wjWEjWWs3TehREvuI+kL2t0La3ZKk2OPQWnBs3hxqze4pc3+rk5qiq:ycT7vMkL27gFnDq

Score

8^/10

persistence ransomware

Malware Config

Targets

- Target
  
  b3af1b3975307f_JC.exe
- Size
  
  20.0MB
- MD5
  
  b3af1b3975307f9ac4719a7384ea361e
- SHA1
  
  e18f396f1db2244ec4cdeb06815e220632dbb959
- SHA256
  
  dfea0a5e7ea1dc011b78d284d236ca9b510d7a567fd39db32315e97cba0294f1
- SHA512
  
  bbb5d0cb5567d550adfe3ef3477a1f69645b895db13cbaabbfe8b4c7a1f3cc6597a451b168f72aada4a1205aaa2986de303c409c3efaca21dd0b4ce7ac046153
- SSDEEP
  
  196608:wjWEjWWs3TehREvuI+kL2t0La3ZKk2OPQWnBs3hxqze4pc3+rk5qiq:ycT7vMkL27gFnDq
Score

8^/10

persistence ransomware
- Drops file in Drivers directory
- Adds Run key to start application
  persistence
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Defacement

Tasks

static1

behavioral1

behavioral2

persistenceransomware