47b666c5ecf61c227a0ba890fa0f7e99ff0143af8413e234ecb219cd976de038 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7dac9b619b44fd4b9f8ca10e99ecbd38
Size

332KB
Sample

231226-t9cz1acgdp
MD5

7dac9b619b44fd4b9f8ca10e99ecbd38
SHA1

663c5c3a39ce55e9b0eae14d04eda70ddbc0963d
SHA256

47b666c5ecf61c227a0ba890fa0f7e99ff0143af8413e234ecb219cd976de038
SHA512

d9dc7b0251ee2dacd7406d7bab68996035137575becb62d7e938c7fc086f65ca15bab884595e3d6e9168823d307ce513ddad4866e31d3eb7549629eeed0b802b
SSDEEP

6144:q7ahMlDgyD23KZKnuZCNzdEJjhAKptUx88HFYvFj06r3Zkwlm9aMSkI/:Yxl8i246uMz2hlwyBfDO6m9aeI

Score

9^/10

evasion ransomware

Malware Config

Targets

- Target
  
  7dac9b619b44fd4b9f8ca10e99ecbd38
- Size
  
  332KB
- MD5
  
  7dac9b619b44fd4b9f8ca10e99ecbd38
- SHA1
  
  663c5c3a39ce55e9b0eae14d04eda70ddbc0963d
- SHA256
  
  47b666c5ecf61c227a0ba890fa0f7e99ff0143af8413e234ecb219cd976de038
- SHA512
  
  d9dc7b0251ee2dacd7406d7bab68996035137575becb62d7e938c7fc086f65ca15bab884595e3d6e9168823d307ce513ddad4866e31d3eb7549629eeed0b802b
- SSDEEP
  
  6144:q7ahMlDgyD23KZKnuZCNzdEJjhAKptUx88HFYvFj06r3Zkwlm9aMSkI/:Yxl8i246uMz2hlwyBfDO6m9aeI
Score

9^/10

evasion ransomware
- Modifies boot configuration data using bcdedit
  ransomware evasion
- Drops file in Drivers directory
- Deletes itself
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Inhibit System Recovery

Tasks

static1

behavioral1

evasionransomware

behavioral2

evasionransomware