Overview

overview

10

Static

static

3

2bba517fdc...4b.exe

windows7-x64

10

2bba517fdc...4b.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    2bba517fdc28f08e65826892a7cb784b

  • Size

    69KB

  • Sample

    231231-g8wphafafk

  • MD5

    2bba517fdc28f08e65826892a7cb784b

  • SHA1

    522a8a0000ee310d17fd59a4ba625df351006350

  • SHA256

    ba8b66083d764f148493de8718c7dea2630a075305bc23e7370f0e951488498a

  • SHA512

    5d075147562d20a68a0a73588f2ad4db5b79d65ebc9ff291bcfea44fa0cfb08d3ea541d3273aacb94a0c8cb9f2bb78403faeafa103475a7f9031e1da718d00ed

  • SSDEEP

    1536:TVtz/+QB02rOr1BsMH1TN3VslEJ+XUt0L7Sq:Tz/+QKrTVT0lZ+iWq

Score
10/10
evasionpersistenceransomwaretrojan

Malware Config

Targets

    • Target

      2bba517fdc28f08e65826892a7cb784b

    • Size

      69KB

    • MD5

      2bba517fdc28f08e65826892a7cb784b

    • SHA1

      522a8a0000ee310d17fd59a4ba625df351006350

    • SHA256

      ba8b66083d764f148493de8718c7dea2630a075305bc23e7370f0e951488498a

    • SHA512

      5d075147562d20a68a0a73588f2ad4db5b79d65ebc9ff291bcfea44fa0cfb08d3ea541d3273aacb94a0c8cb9f2bb78403faeafa103475a7f9031e1da718d00ed

    • SSDEEP

      1536:TVtz/+QB02rOr1BsMH1TN3VslEJ+XUt0L7Sq:Tz/+QKrTVT0lZ+iWq

    Score
    10/10
    evasionpersistenceransomwaretrojan

    • Windows security bypass

      evasiontrojan

    • Disables RegEdit via registry modification

      evasion

    • Disables Task Manager via registry modification

      evasion

    • Modifies Shared Task Scheduler registry keys

      persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

      evasiontrojan

    • Sets desktop wallpaper using registry

      ransomware
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks