d1120b5ef43b3dd45e9fc655b8ec41be8fd86d031693fd7ded68880917194bac | Triage

Sharing

General

Target

NEAS.b6a2ad8a70496dc949b099ab8210b420_JC.exe
Size

284KB
Sample

231102-ztlj4aff5z
MD5

b6a2ad8a70496dc949b099ab8210b420
SHA1

885aa94a5889a5a3d1e3c0994ded80b9d22cf383
SHA256

d1120b5ef43b3dd45e9fc655b8ec41be8fd86d031693fd7ded68880917194bac
SHA512

d7d8c9a43e612164359f6011a9170fabcba2f447ccf332f13b7e589e2e8d1b3714709133b39e384d431a6c514d913aa07e53d0194c3f1f36dc1a5ff04c37f786
SSDEEP

3072:bxv/y9LJ3tGXRvjxCb5NgXDY7uSlkJcUa7kYQTcqW2NdQQGH/UDhSCUc4aqTBrgD:lamlKgzelZNQSBQGH/CSpWqTKmQnmQ

Score

6^/10

ransomware

Malware Config

Targets

- Target
  
  NEAS.b6a2ad8a70496dc949b099ab8210b420_JC.exe
- Size
  
  284KB
- MD5
  
  b6a2ad8a70496dc949b099ab8210b420
- SHA1
  
  885aa94a5889a5a3d1e3c0994ded80b9d22cf383
- SHA256
  
  d1120b5ef43b3dd45e9fc655b8ec41be8fd86d031693fd7ded68880917194bac
- SHA512
  
  d7d8c9a43e612164359f6011a9170fabcba2f447ccf332f13b7e589e2e8d1b3714709133b39e384d431a6c514d913aa07e53d0194c3f1f36dc1a5ff04c37f786
- SSDEEP
  
  3072:bxv/y9LJ3tGXRvjxCb5NgXDY7uSlkJcUa7kYQTcqW2NdQQGH/UDhSCUc4aqTBrgD:lamlKgzelZNQSBQGH/CSpWqTKmQnmQ
Score

6^/10

ransomware
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Defacement

Tasks

static1

behavioral1

behavioral2