e44f1682d4fafa7d2f034f07afeac2e930875f857c81b38bfac7cf70677ff97d | Triage

Sharing

General

Target

NEAS.3af09890033fa550d5601d858a81e1b0.exe
Size

339KB
Sample

231014-wfg3zahc9s
MD5

3af09890033fa550d5601d858a81e1b0
SHA1

6f3ef722bfd9f2aa70cf84befb17f589a693a32c
SHA256

e44f1682d4fafa7d2f034f07afeac2e930875f857c81b38bfac7cf70677ff97d
SHA512

31a1f28597759cf97826aef701a90254205ca6e1db2f4d243aa5d984093e6a490d8e24fca6ff729bab432e8c6c475d722f70a8b8d3dcec9bb43c6fdc7270712a
SSDEEP

3072:DCOPi3tG24aqTBWpkvb0AXj5iNyPpT4bG2k:JFEqTxoAXjiU4bz

Score

6^/10

ransomware

Malware Config

Targets

- Target
  
  NEAS.3af09890033fa550d5601d858a81e1b0.exe
- Size
  
  339KB
- MD5
  
  3af09890033fa550d5601d858a81e1b0
- SHA1
  
  6f3ef722bfd9f2aa70cf84befb17f589a693a32c
- SHA256
  
  e44f1682d4fafa7d2f034f07afeac2e930875f857c81b38bfac7cf70677ff97d
- SHA512
  
  31a1f28597759cf97826aef701a90254205ca6e1db2f4d243aa5d984093e6a490d8e24fca6ff729bab432e8c6c475d722f70a8b8d3dcec9bb43c6fdc7270712a
- SSDEEP
  
  3072:DCOPi3tG24aqTBWpkvb0AXj5iNyPpT4bG2k:JFEqTxoAXjiU4bz
Score

6^/10

ransomware
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Defacement

Tasks

static1

behavioral1

behavioral2