Extracted

• • Target

    7za.exe

  • Size

    772KB

  • MD5

    b93eb0a48c91a53bda6a1a074a4b431e

  • SHA1

    ac693a14c697b1a8ee80318e260e817b8ee2aa86

  • SHA256

    ab15a9b27ee2d69a8bc8c8d1f5f40f28cd568f5cbb28d36ed938110203f8d142

  • SHA512

    732cb0dcb2b1dac1a7462554c256cec27de243734f79b7f87026e9f5fbae6d5d8a5f14a702d2af0b65897b6abad70a9eff1905dc851ce267d221ddcdd9e640c5

  • SSDEEP

    24576:DFhjj7f4K+ao308d0ORMz27R0iIdclDJiD:JlwpP90OFWxD

  Score

  1^/10
  behavioral1

• • Target

    Amigodainapasik.exe

  • Size

    2.3MB

  • MD5

    0da0f742cf3bd80919716fbd03299189

  • SHA1

    0ff0f5254e399aa2d487dd7f0dec032a3429f257

  • SHA256

    8f8ce3e99d843a4beb1d3d961a7cab27e75e32490132464e448bdbcd97ddcfd5

  • SHA512

    ce92c93973120a2808b7b33c20324f450b1e33aa1637fd2a66bc3c8f56cd44ec492e71cd8e34eb807c6cbfc5e356332b487144168de531be787ebb75ee3778f3

  • SSDEEP

    49152:ohBJrWt7Yfg1evewmI874ZtPttM/G/jOayrdDKr:ohBJrWF04RIu4Zfa3rdOr

  Score

  10^/10

  mimicevasionpersistenceransomwaretrojan

  • Detects Mimic ransomware

  • Mimic

    Ransomware family was first exploited in the wild in 2022.

    ransomwaremimic

  • UAC bypass

    evasiontrojan

  • Modifies boot configuration data using bcdedit

    ransomwareevasion

  • Renames multiple (5797) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

    ransomware

  • Deletes System State backups

    Uses wbadmin.exe to inhibit system recovery.

    ransomware

  • Deletes backup catalog

    Uses wbadmin.exe to inhibit system recovery.

    ransomware

  • Sets file execution options in registry

    persistence

  • Executes dropped EXE

  • Loads dropped DLL

  • Modifies system executable filetype association

    persistence

  • Adds Run key to start application

    persistence

  • Enumerates connected drives

    Attempts to read the root path of hard drives other than the default C: drive.

  behavioral2

• • Target

    Everything.exe

  • Size

    1.7MB

  • MD5

    c44487ce1827ce26ac4699432d15b42a

  • SHA1

    8434080fad778057a50607364fee8b481f0feef8

  • SHA256

    4c83e46a29106afbaf5279029d102b489d958781764289b61ab5b618a4307405

  • SHA512

    a0ea698333c21e59b5bc79d79ff39d185a019cede394dbd8b2eb72c4230001685a90098a691c296aeab27db6751eef56c4261cf00f790de2e9e9efc0e7f7c808

  • SSDEEP

    49152:sVzyP4BTkT3EApTLi2CCzMn3jzjAhFEy+eaXr:sVzyABTwEH

  Score

  6^/10

  • Enumerates connected drives

    Attempts to read the root path of hard drives other than the default C: drive.

  behavioral3

• • Target

    Everything32.dll

  • Size

    84KB

  • MD5

    3b03324537327811bbbaff4aafa4d75b

  • SHA1

    1218bd8165a2e0ec56a88b5a8bb4b27e52b564e7

  • SHA256

    8cae8a9740d466e17f16481e68de9cbd58265863c3924d66596048edfd87e880

  • SHA512

    ba5312e1836bac0bb05b133b2b938be98b28646c8b8fc45804d7f252cd2e1a191667bfa8ba979bf2a07d49053114234b78cca83ef28aecf105d7169a3ec3dc62

  • SSDEEP

    768:r7q2ysU1Jr1SHx6p73TpzkqVVWwupGKcrrbRkzOnORqhJtfwxnZRqFlP+YiXoyIZ:r7q2EJx+OVkqTIZerpnA2tfet7XJIZ

  Score

  1^/10
  behavioral4

• • Target

    sdel.exe

  • Size

    350KB

  • MD5

    803df907d936e08fbbd06020c411be93

  • SHA1

    4aa4b498ae037a2b0479659374a5c3af5f6b8d97

  • SHA256

    e8eaa39e2adfd49ab69d7bb8504ccb82a902c8b48fbc256472f36f41775e594c

  • SHA512

    5b9c44b4ed68b632360c66b35442722d2797807c88555c9fde9c176581d410e4f6ed433fabdcd9ee614db458158e6055a9f7f526ebfbc8e7f5f3d388f5de4532

  • SSDEEP

    6144:OBgL/kqXQangs2iKn5yvfj7wZxPzzLHrNJT7V:QgL5ga0iKn5GfPwZRT5

  Score

  1^/10
  behavioral5

• • Target

    sdel64.exe

  • Size

    448KB

  • MD5

    e2114b1627889b250c7fd0425ba1bd54

  • SHA1

    97412dba3cbeb0125c71b7b2ab194ea2fdff51b2

  • SHA256

    5434dfdb731238edcb07a8c3a83594791536dda7a63c29f19be7bb1d59aedd60

  • SHA512

    76ca5f677bc8ee1485f3d5b028b3a91f74344e9ff7af3c62a98e737a9888bd35389b3e6bf7b8b67747e0f64e1c973c0708864f12de1388b95f5c31b4e084e2e1

  • SSDEEP

    6144:cUudhn2yq9XzD0216Ta7CfqwbYs78LCA7uQUjRRMbq0gdyTwwFEbK1ldfI+niDNQ:czrnfqhDCqwbYs78LCA7qRMbq0ge3xg6

  Score

  1^/10
  behavioral6