0fac24ed56aa5aba04b7a2a7d1e04bd4002a2c65f5a3bb68ef3381a64e62846f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b828f03ef1f333_JC.exe
Size

19.2MB
Sample

230718-q6r3zabf9v
MD5

b828f03ef1f33371ab09326c774b8b9d
SHA1

41e08be49023c011b3c056512990c18a08b83490
SHA256

0fac24ed56aa5aba04b7a2a7d1e04bd4002a2c65f5a3bb68ef3381a64e62846f
SHA512

4cf7f81a988e84a027faa449f7e1bfb5f40f2ff8a830b2607b353873cf4e8483aa4b63b6c04a9a3748d70397594fc62455965e811c50fd6acd010c2068c0dc08
SSDEEP

196608:wjWEjWWs3TehREvuI+kL2t0La3ZKk2OPQWnBs3hxqze4pc3+rk5qif:ycT7vMkL27gFnDq0

Score

8^/10

persistence ransomware

Malware Config

Targets

- Target
  
  b828f03ef1f333_JC.exe
- Size
  
  19.2MB
- MD5
  
  b828f03ef1f33371ab09326c774b8b9d
- SHA1
  
  41e08be49023c011b3c056512990c18a08b83490
- SHA256
  
  0fac24ed56aa5aba04b7a2a7d1e04bd4002a2c65f5a3bb68ef3381a64e62846f
- SHA512
  
  4cf7f81a988e84a027faa449f7e1bfb5f40f2ff8a830b2607b353873cf4e8483aa4b63b6c04a9a3748d70397594fc62455965e811c50fd6acd010c2068c0dc08
- SSDEEP
  
  196608:wjWEjWWs3TehREvuI+kL2t0La3ZKk2OPQWnBs3hxqze4pc3+rk5qif:ycT7vMkL27gFnDq0
Score

8^/10

persistence ransomware
- Drops file in Drivers directory
- Adds Run key to start application
  persistence
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Defacement

Tasks

static1

behavioral1

behavioral2

persistenceransomware