6e567b610de23ee7623cc172d550268df53542d54910c400e85e3881f4447b5e | Triage

Resubmissions

09-01-2024 12:57

240109-p6546ababj 9

09-01-2024 12:55

240109-p6ay1sahhp 9

Sharing

General

Target

14100797924.zip
Size

108KB
Sample

240109-p6ay1sahhp
MD5

f6ccea527e33836a043b28737bdd2611
SHA1

c9d17201279dd082ef604e53d1fc1be040fa6a15
SHA256

6e567b610de23ee7623cc172d550268df53542d54910c400e85e3881f4447b5e
SHA512

74c4d2cd29131584fa3c533b1e4d6589e026795cf2302000e16926e34b8c9c9395d5b40533d2bb956019998e6e581f794e63e9d9abf1272870fd4d1337692dad
SSDEEP

3072:cNETh0yAP/5JoO8rpH9TRQ4SnVWD1pSoLw8:6zl/YO8BbeATw8

Score

9^/10

ransomware

Malware Config

Targets

- Target
  
  9243bdcbe30fbd430a841a623e9e1bcc894e4fdc136d46e702a94dad4b10dfdc
- Size
  
  216KB
- MD5
  
  18baedf43f4a68455e8d36b657aff03c
- SHA1
  
  5770b7c3931f6ed12650ad27b7fb2bf0752b80dc
- SHA256
  
  9243bdcbe30fbd430a841a623e9e1bcc894e4fdc136d46e702a94dad4b10dfdc
- SHA512
  
  3c3161e2b209b7589be33be288076af6b0e81c000ab66f7eb184ce54114b7e4687cc33e95bc9daf8b61394d8f847f85858bf0c978dbf829c0cd1fd9620231d4e
- SSDEEP
  
  3072:h17DaAz38w3vQ7F6PFwgBZTGFKQ+avVe+gGooSlFC2OLKKZAFEMpo4Iv1k:Fb8JF6Pf2KQ+aVB2fJqh4Id
Score

9^/10

ransomware
- Deletes shadow copies
  Ransomware often targets backup files to inhibit system recovery.
  ransomware
- Modifies boot configuration data using bcdedit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Indicator Removal

File Deletion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Inhibit System Recovery

Tasks

static1

behavioral1

behavioral2