9f0b13f2aa8b3145b66b4e3d82f63d23dbf3fecc0be2c4e832d960e99b23d858 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.e387b087d13a48fa51ef9bbef040ebc0.exe
Size

286KB
Sample

231102-y85qvafb6v
MD5

e387b087d13a48fa51ef9bbef040ebc0
SHA1

d60731f3ab387bee7198c828e3e47a47edf1ab6f
SHA256

9f0b13f2aa8b3145b66b4e3d82f63d23dbf3fecc0be2c4e832d960e99b23d858
SHA512

934ac1a58d94a169d923ae04c65281c855be62a143c1ee98d7af5c7b2704d1e508c9acb34cd8dff9ea1fb2236243c12ea61c75e476cb26809c78ebe52a922833
SSDEEP

3072:nZUWlN3tGXRvjxCb5NgXDY7uSlkJcUa7kYQTcqW2NdQQGH/UDhSCUc4aqTBrgmQZ:ZFAlKgzelZNQSBQGH/CSpWqTKmQgO

Score

6^/10

ransomware

Malware Config

Targets

- Target
  
  NEAS.e387b087d13a48fa51ef9bbef040ebc0.exe
- Size
  
  286KB
- MD5
  
  e387b087d13a48fa51ef9bbef040ebc0
- SHA1
  
  d60731f3ab387bee7198c828e3e47a47edf1ab6f
- SHA256
  
  9f0b13f2aa8b3145b66b4e3d82f63d23dbf3fecc0be2c4e832d960e99b23d858
- SHA512
  
  934ac1a58d94a169d923ae04c65281c855be62a143c1ee98d7af5c7b2704d1e508c9acb34cd8dff9ea1fb2236243c12ea61c75e476cb26809c78ebe52a922833
- SSDEEP
  
  3072:nZUWlN3tGXRvjxCb5NgXDY7uSlkJcUa7kYQTcqW2NdQQGH/UDhSCUc4aqTBrgmQZ:ZFAlKgzelZNQSBQGH/CSpWqTKmQgO
Score

6^/10

ransomware
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Defacement

Tasks

static1

behavioral1

behavioral2