12fb2934d9e5781c9fbfe9ac4130beba7a6fa50cf8bb7296079956a080478cff | Triage

Sharing

General

Target

NEAS.bd9f75dcd1f2363ee3fab20d61f7b360.exe
Size

276KB
Sample

231016-w8gmxaae5s
MD5

bd9f75dcd1f2363ee3fab20d61f7b360
SHA1

fa5531143e7576cf8c1905d1da961fe765ca1c59
SHA256

12fb2934d9e5781c9fbfe9ac4130beba7a6fa50cf8bb7296079956a080478cff
SHA512

f00e86f8dc5879c244797be746b6525c4238348894d027be1a0a4f5934e04edac619dfdad3174f05f2e132cf4a1c40db0611c892cf79028095ebd040cd0c7ea1
SSDEEP

3072:JaHSp3tGXRvjxCb5NgXDY7uSlkJcUa7kYQTcqW2NdQQGH/UDhSCUc4aqTBWO:gHHlKgzelZNQSBQGH/CSpWqT

Score

6^/10

ransomware

Malware Config

Targets

- Target
  
  NEAS.bd9f75dcd1f2363ee3fab20d61f7b360.exe
- Size
  
  276KB
- MD5
  
  bd9f75dcd1f2363ee3fab20d61f7b360
- SHA1
  
  fa5531143e7576cf8c1905d1da961fe765ca1c59
- SHA256
  
  12fb2934d9e5781c9fbfe9ac4130beba7a6fa50cf8bb7296079956a080478cff
- SHA512
  
  f00e86f8dc5879c244797be746b6525c4238348894d027be1a0a4f5934e04edac619dfdad3174f05f2e132cf4a1c40db0611c892cf79028095ebd040cd0c7ea1
- SSDEEP
  
  3072:JaHSp3tGXRvjxCb5NgXDY7uSlkJcUa7kYQTcqW2NdQQGH/UDhSCUc4aqTBWO:gHHlKgzelZNQSBQGH/CSpWqT
Score

6^/10

ransomware
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Defacement

Tasks

static1

behavioral1

behavioral2