Overview

overview

10

Static

static

7

HorrorRans...al.exe

windows7-x64

HorrorRans...al.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    HorrorRansom 1.0 Final.exe

  • Size

    1.7MB

  • Sample

    231207-nsaknaab67

  • MD5

    1a8e74c4bb9a2c5b38b4412a6b484737

  • SHA1

    c01eb730609125dc55641d1aa377d890941b9e83

  • SHA256

    ed73b148716d6015b1466ee92cb331070a90d8a433ee768984cec665970fd327

  • SHA512

    a531fb0fb00dddfd379086d2f0f868447fe7d111d242ecfb27fd468d75dfb6761ee6c13b2fb73a0ec8990b86ce1fb0407a47c2223c712a6752d3ca096c5cd204

  • SSDEEP

    49152:ot42t5QZkBhBhyKui/2gDSr8XTh3FQ+G7wKC:2QgybsbDBYwK

Score
10/10
evasionpersistenceransomwaretrojanupx

Malware Config

Targets

    • Target

      HorrorRansom 1.0 Final.exe

    • Size

      1.7MB

    • MD5

      1a8e74c4bb9a2c5b38b4412a6b484737

    • SHA1

      c01eb730609125dc55641d1aa377d890941b9e83

    • SHA256

      ed73b148716d6015b1466ee92cb331070a90d8a433ee768984cec665970fd327

    • SHA512

      a531fb0fb00dddfd379086d2f0f868447fe7d111d242ecfb27fd468d75dfb6761ee6c13b2fb73a0ec8990b86ce1fb0407a47c2223c712a6752d3ca096c5cd204

    • SSDEEP

      49152:ot42t5QZkBhBhyKui/2gDSr8XTh3FQ+G7wKC:2QgybsbDBYwK

    Score
    10/10
    evasionpersistenceransomwaretrojanupx

    • UAC bypass

      evasiontrojan

    • Disables Task Manager via registry modification

      evasion

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence

    • Sets desktop wallpaper using registry

      ransomware
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks