049497ee9873919ceaf553c684d62cbc0f0205687df566db877bd0ea636b360b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.00011227a1093938c6daee4b315f2387.exe
Size

414KB
Sample

231101-vsxthscf64
MD5

00011227a1093938c6daee4b315f2387
SHA1

6c91ce584d6ad128e62d0087d370be5793558dba
SHA256

049497ee9873919ceaf553c684d62cbc0f0205687df566db877bd0ea636b360b
SHA512

ff92648a9be4fa82f3d3661a70fb69655dd5fe0be77a385dcb6c74493e9edcc2dfefddc97b8feccf6d9c443d5070eb58fc122b48f68a66dd526f1469f7c49688
SSDEEP

3072:Wxv/y9LJ3tGXRvjxCb5NgXDY7uSK4aqTBrgmQ+i:qamlKgzeYqTKmQZ

Score

6^/10

ransomware

Malware Config

Targets

- Target
  
  NEAS.00011227a1093938c6daee4b315f2387.exe
- Size
  
  414KB
- MD5
  
  00011227a1093938c6daee4b315f2387
- SHA1
  
  6c91ce584d6ad128e62d0087d370be5793558dba
- SHA256
  
  049497ee9873919ceaf553c684d62cbc0f0205687df566db877bd0ea636b360b
- SHA512
  
  ff92648a9be4fa82f3d3661a70fb69655dd5fe0be77a385dcb6c74493e9edcc2dfefddc97b8feccf6d9c443d5070eb58fc122b48f68a66dd526f1469f7c49688
- SSDEEP
  
  3072:Wxv/y9LJ3tGXRvjxCb5NgXDY7uSK4aqTBrgmQ+i:qamlKgzeYqTKmQZ
Score

6^/10

ransomware
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Defacement

Tasks

static1

behavioral1

behavioral2