Overview

overview

9

Static

static

3

5b712f99b3...46.exe

windows7-x64

9

5b712f99b3...46.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5b712f99b32783231704adc73a251e46

  • Size

    777KB

  • Sample

    231222-d2388acge3

  • MD5

    5b712f99b32783231704adc73a251e46

  • SHA1

    cf0589c32b4d18303e194672a7710fd6a9a655d6

  • SHA256

    47f84419a3c49e289492b9e348c14c268b117cd26964746fa65318c893cbe81f

  • SHA512

    b3d45c54a9280534ea6471f252635f5cc04cb8a95f70d87041af24033f21db332184eaba72149c29b1028ba8d84fdfe0b54c46dd91952ca930bebb2a297c22dd

  • SSDEEP

    12288:nZ+pDu9YrDQKiXEfiVzhY1Iys0P9ckXgeteabKSctHSoHJD4XWdFvn:n80sDNiUfiPgI91kXgeYEF2HSoHYCFf

Score
9/10
evasionpersistenceransomwaretrojan

Malware Config

Targets

    • Target

      5b712f99b32783231704adc73a251e46

    • Size

      777KB

    • MD5

      5b712f99b32783231704adc73a251e46

    • SHA1

      cf0589c32b4d18303e194672a7710fd6a9a655d6

    • SHA256

      47f84419a3c49e289492b9e348c14c268b117cd26964746fa65318c893cbe81f

    • SHA512

      b3d45c54a9280534ea6471f252635f5cc04cb8a95f70d87041af24033f21db332184eaba72149c29b1028ba8d84fdfe0b54c46dd91952ca930bebb2a297c22dd

    • SSDEEP

      12288:nZ+pDu9YrDQKiXEfiVzhY1Iys0P9ckXgeteabKSctHSoHJD4XWdFvn:n80sDNiUfiPgI91kXgeYEF2HSoHYCFf

    Score
    9/10
    evasionpersistenceransomwaretrojan

    • Deletes shadow copies

      Ransomware often targets backup files to inhibit system recovery.

      ransomware

    • Adds Run key to start application

      persistence

    • Checks whether UAC is enabled

      evasiontrojan

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks