5406af0c6dfde5903acf5a2cbf0f41fad3f7590ac848f967ba3208e348913d5d | Triage

Sharing

General

Target

NEAS.a1ba1685cb834d22f013dce2ab740210.exe
Size

330KB
Sample

231016-w588raha5v
MD5

a1ba1685cb834d22f013dce2ab740210
SHA1

6d47b14b7c64e3a42bbc22ed765e292e31f8758e
SHA256

5406af0c6dfde5903acf5a2cbf0f41fad3f7590ac848f967ba3208e348913d5d
SHA512

b276a896865fc58d1a83daf1f03b71f71c14315fb9c7099d4d7932a8464245d9b3ba69dc389c2a29ea7f18ab7bfdf0031d1b0481990c189c6e374153b225e0b0
SSDEEP

3072:UQXi3tGXRvjxCb5NgXDY7uSlkJcUa7kYQTcqW2NdQQGH/UDhSCUc4aqTBrgmQ+:N9lKgzelZNQSBQGH/CSpWqTKmQ

Score

6^/10

ransomware

Malware Config

Targets

- Target
  
  NEAS.a1ba1685cb834d22f013dce2ab740210.exe
- Size
  
  330KB
- MD5
  
  a1ba1685cb834d22f013dce2ab740210
- SHA1
  
  6d47b14b7c64e3a42bbc22ed765e292e31f8758e
- SHA256
  
  5406af0c6dfde5903acf5a2cbf0f41fad3f7590ac848f967ba3208e348913d5d
- SHA512
  
  b276a896865fc58d1a83daf1f03b71f71c14315fb9c7099d4d7932a8464245d9b3ba69dc389c2a29ea7f18ab7bfdf0031d1b0481990c189c6e374153b225e0b0
- SSDEEP
  
  3072:UQXi3tGXRvjxCb5NgXDY7uSlkJcUa7kYQTcqW2NdQQGH/UDhSCUc4aqTBrgmQ+:N9lKgzelZNQSBQGH/CSpWqTKmQ
Score

6^/10

ransomware
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Defacement

Tasks

static1

behavioral1

behavioral2