b03ddfc8ae56620f03764f3af9890fd29475c7610c9b2a5a701691f9419cbc21 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NA_NA_319740a31149e1exeexe_JC.exe
Size

12.8MB
Sample

230723-yrgbxsgh5x
MD5

319740a31149e1903491dd9d74d2a70b
SHA1

99c888f437c3cd112942f7b038fac8378962abd1
SHA256

b03ddfc8ae56620f03764f3af9890fd29475c7610c9b2a5a701691f9419cbc21
SHA512

d749915608a7ca3ae9ff69eabb7865cfa6835e92717c370c70d67ce5c899beea414b5c846b109d538eb9748feb0832d5e006eff32f4220795ffb816eead63f2e
SSDEEP

196608:wjWEjWWs3TehREvuI+kL2t0La3ZzpRvcV93dPs:ycT7vMkL27CV93O

Score

8^/10

persistence ransomware

Malware Config

Targets

- Target
  
  NA_NA_319740a31149e1exeexe_JC.exe
- Size
  
  12.8MB
- MD5
  
  319740a31149e1903491dd9d74d2a70b
- SHA1
  
  99c888f437c3cd112942f7b038fac8378962abd1
- SHA256
  
  b03ddfc8ae56620f03764f3af9890fd29475c7610c9b2a5a701691f9419cbc21
- SHA512
  
  d749915608a7ca3ae9ff69eabb7865cfa6835e92717c370c70d67ce5c899beea414b5c846b109d538eb9748feb0832d5e006eff32f4220795ffb816eead63f2e
- SSDEEP
  
  196608:wjWEjWWs3TehREvuI+kL2t0La3ZzpRvcV93dPs:ycT7vMkL27CV93O
Score

8^/10

persistence ransomware
- Drops file in Drivers directory
- Adds Run key to start application
  persistence
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Defacement

Tasks

static1

behavioral1

behavioral2

persistenceransomware