571f8a3e708e1524817f4f26ea2aaa896eefe5681ebc8381f45ed9b4d097d154 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c48423b8ea1f76cfa98b0780a66e2850_exe32.exe
Size

316KB
Sample

231015-yggvpsef4s
MD5

c48423b8ea1f76cfa98b0780a66e2850
SHA1

863a629216ca6e6bb92466c4d7aee600fd7dd0f5
SHA256

571f8a3e708e1524817f4f26ea2aaa896eefe5681ebc8381f45ed9b4d097d154
SHA512

c347222e19bb02f5d568a894cf1d42c98d76870e0311535c48fbd3452418703a9b401db6752d1216a7481614d35cab34f7a3cd79c3136ce7791e6ea1c465c325
SSDEEP

3072:GQXi3tGXRvjxCb5NgXDY7uSK4aqTBrgmQ+:r9lKgzeYqTKmQ

Score

6^/10

ransomware

Malware Config

Targets

- Target
  
  c48423b8ea1f76cfa98b0780a66e2850_exe32.exe
- Size
  
  316KB
- MD5
  
  c48423b8ea1f76cfa98b0780a66e2850
- SHA1
  
  863a629216ca6e6bb92466c4d7aee600fd7dd0f5
- SHA256
  
  571f8a3e708e1524817f4f26ea2aaa896eefe5681ebc8381f45ed9b4d097d154
- SHA512
  
  c347222e19bb02f5d568a894cf1d42c98d76870e0311535c48fbd3452418703a9b401db6752d1216a7481614d35cab34f7a3cd79c3136ce7791e6ea1c465c325
- SSDEEP
  
  3072:GQXi3tGXRvjxCb5NgXDY7uSK4aqTBrgmQ+:r9lKgzeYqTKmQ
Score

6^/10

ransomware
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Defacement

Tasks

static1

behavioral1

behavioral2