49ac3bedb9cb9bda64669f5b365fb0ece09b08269c07d1a6efbc19412976c19d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3fcc74c70b951cfe315717d2e67429b8_JC.exe
Size

248KB
Sample

231010-1ml3qafd68
MD5

3fcc74c70b951cfe315717d2e67429b8
SHA1

c1b8f0d0b394304d488ae65e99f307acdd3050ab
SHA256

49ac3bedb9cb9bda64669f5b365fb0ece09b08269c07d1a6efbc19412976c19d
SHA512

b971236cbebe3f8ed0f0096c7be9a552ff0cf73fb8f6add05d2d55a0ad87f4fc145d6b819eed905a11cbec8927216104b5bce2942cdc5315d47b0105793fea90
SSDEEP

3072:YgV7qqpZXXRvjxCb5NgXDY7uSlkJcUa7kYQTcqW2NdQQGH/UDhSCUc4aqTBK91gv:51rlKgzelZNQSBQGH/CSpWqTTmQL

Score

6^/10

ransomware

Malware Config

Targets

- Target
  
  3fcc74c70b951cfe315717d2e67429b8_JC.exe
- Size
  
  248KB
- MD5
  
  3fcc74c70b951cfe315717d2e67429b8
- SHA1
  
  c1b8f0d0b394304d488ae65e99f307acdd3050ab
- SHA256
  
  49ac3bedb9cb9bda64669f5b365fb0ece09b08269c07d1a6efbc19412976c19d
- SHA512
  
  b971236cbebe3f8ed0f0096c7be9a552ff0cf73fb8f6add05d2d55a0ad87f4fc145d6b819eed905a11cbec8927216104b5bce2942cdc5315d47b0105793fea90
- SSDEEP
  
  3072:YgV7qqpZXXRvjxCb5NgXDY7uSlkJcUa7kYQTcqW2NdQQGH/UDhSCUc4aqTBK91gv:51rlKgzelZNQSBQGH/CSpWqTTmQL
Score

6^/10

ransomware
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Defacement

Tasks

static1

behavioral1

behavioral2