4dcf441a408d89c92bc0d9ac26d010e5eb2dee5cb40f6da9f3490919709f6172 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

99fde299d7699dc64c4ea181786c7ffa
Size

35KB
Sample

240213-1pfcyshg71
MD5

99fde299d7699dc64c4ea181786c7ffa
SHA1

537c01472d6117a80a9ddf04e6f51099369fffbf
SHA256

4dcf441a408d89c92bc0d9ac26d010e5eb2dee5cb40f6da9f3490919709f6172
SHA512

ab564e54091937a128a48dde268acd32c9989cd748846876618fd008f39907c5dabe0022de94b08c493bf93c620dfa4e393c1990dec4977d9083b23faba61f34
SSDEEP

768:+DE/zZ5kQInFqoFUl85seW6mKlpCawo1KGjxX9UI:DxoFUl85seWhKlQ5whxX9UI

Score

6^/10

persistence ransomware

Malware Config

Targets

- Target
  
  99fde299d7699dc64c4ea181786c7ffa
- Size
  
  35KB
- MD5
  
  99fde299d7699dc64c4ea181786c7ffa
- SHA1
  
  537c01472d6117a80a9ddf04e6f51099369fffbf
- SHA256
  
  4dcf441a408d89c92bc0d9ac26d010e5eb2dee5cb40f6da9f3490919709f6172
- SHA512
  
  ab564e54091937a128a48dde268acd32c9989cd748846876618fd008f39907c5dabe0022de94b08c493bf93c620dfa4e393c1990dec4977d9083b23faba61f34
- SSDEEP
  
  768:+DE/zZ5kQInFqoFUl85seW6mKlpCawo1KGjxX9UI:DxoFUl85seWhKlQ5whxX9UI
Score

6^/10

persistence ransomware
- Adds Run key to start application
  persistence
- Drops file in System32 directory
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Defacement

Tasks

static1

behavioral1

behavioral2

persistenceransomware