aba83307dcf9630de3fb57d3ba79b612e0e96b27b65c50eecffce59badb33df8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

LEURAK_RANSOMWARE_V4.bat
Size

4KB
Sample

231117-rk66faba8x
MD5

753765ccba52d4e3326cf06149a5dfdb
SHA1

f6073c5bf6d7171005c1b0e29a0a32f003875444
SHA256

aba83307dcf9630de3fb57d3ba79b612e0e96b27b65c50eecffce59badb33df8
SHA512

1c45261e2fcefe2be27461daa5db0282e96026214bfbd0673754fc744a65d292e167dfd095cd9afc20f7ca9615ce539cd008c372bd475f5b26f291bc5dc9456f
SSDEEP

96:9EC3KqzNz6z9z7zi34zuGOuGAuGuuGHuGAuGUuG1uG2uGkuGZuGYixpRWnHhGuG7:jPOubuvutuGu/uluGu9ubuWuv0aGuG

Score

8^/10

evasion ransomware

Malware Config

Targets

- Target
  
  LEURAK_RANSOMWARE_V4.bat
- Size
  
  4KB
- MD5
  
  753765ccba52d4e3326cf06149a5dfdb
- SHA1
  
  f6073c5bf6d7171005c1b0e29a0a32f003875444
- SHA256
  
  aba83307dcf9630de3fb57d3ba79b612e0e96b27b65c50eecffce59badb33df8
- SHA512
  
  1c45261e2fcefe2be27461daa5db0282e96026214bfbd0673754fc744a65d292e167dfd095cd9afc20f7ca9615ce539cd008c372bd475f5b26f291bc5dc9456f
- SSDEEP
  
  96:9EC3KqzNz6z9z7zi34zuGOuGAuGuuGHuGAuGUuG1uG2uGkuGZuGYixpRWnHhGuG7:jPOubuvutuGu/uluGu9ubuWuv0aGuG
Score

8^/10

evasion ransomware
- Disables Task Manager via registry modification
  evasion
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Defacement

Tasks

static1

behavioral1

evasionransomware

behavioral2

evasionransomware