General

  • Target

    219bd57602fa133b4639b260576032befb08c42faf679d266c29da17e243f384.sample

  • Size

    126KB

  • Sample

    240227-v5s14afb67

  • MD5

    45b459a3d2625d9b5f3ae1f8678875ea

  • SHA1

    b1641e15874b8fcff6b16bddda088732afcf85d9

  • SHA256

    219bd57602fa133b4639b260576032befb08c42faf679d266c29da17e243f384

  • SHA512

    12b6d82ae1f5bf74de6fdade4b3f63b4db8bde79c6ce0029ae0b65dec27202ac722bafeb8773db5f2bc0466627c1a1850b53ef914bed7cbaa5870a6e9f972f79

  • SSDEEP

    3072:4sPYTYZhyfgRdUsKvLeB+OBmPODatu5TPuJSdqhmlu:4bYZMs3sM+OmPt8lOmu

Malware Config

Targets

    • Target

      219bd57602fa133b4639b260576032befb08c42faf679d266c29da17e243f384.sample

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely a geofence check (malware commonly refuses to run in selected countries). Legitimate software reads this value as well, so on its own it is weak evidence.

    • Reads user/profile data of web browsers

      Infostealers commonly read stored browser profile data, which can include saved credentials, cookies and session tokens.

    • Enumerates connected drives

      Attempts to read the root directory of drives other than the default C: drive, i.e. it looks for additional volumes to work on.

    • Modifies WinLogon

      Writes to the Winlogon registry key (HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon). Values under it such as Shell, Userinit, LegalNoticeCaption and LegalNoticeText are abused for persistence or to force a message at logon; the report does not show which value was changed.

    • Sets desktop wallpaper using registry

      Writes the Wallpaper value under HKCU\Control Panel\Desktop. Together with the Winlogon change this is consistent with a sample that wants to put a message in front of the user, but the report alone does not identify the family.
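
The five behaviours listed above, turned into detection logic and run over a constructed, normalised event stream. This is an added example and not part of the sandbox report: the event format, the process image paths, the PIDs and the benign explorer.exe events are all assumptions made for illustration. The registry locations it matches are the well-known ones (HKCU\Control Panel\International\Geo, the Winlogon key, HKCU\Control Panel\Desktop). Sysmon records registry value sets (Event ID 13) but never registry reads, so the geofence lookup is only visible in an API-level trace; that is why the example takes normalised events rather than raw Sysmon records.

```python
"""Toy detector for the behaviours in the sandbox report, run over constructed
events.  Added example; the event format and sample data are assumptions."""
import json
import re
from collections import defaultdict

# Constructed sample events, one JSON object per line, in a normalised form a
# pipeline might produce from a sandbox API trace (reg_query / reg_set /
# file_read).  PIDs, paths and the explorer.exe activity are made up.
SAMPLE_EVENTS = r"""
{"pid": 4120, "image": "C:\\Users\\admin\\AppData\\Local\\Temp\\sample.exe", "op": "reg_query", "key": "HKCU\\Control Panel\\International\\Geo", "value": "Nation"}
{"pid": 4120, "image": "C:\\Users\\admin\\AppData\\Local\\Temp\\sample.exe", "op": "file_read", "path": "C:\\Users\\admin\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Login Data"}
{"pid": 4120, "image": "C:\\Users\\admin\\AppData\\Local\\Temp\\sample.exe", "op": "file_read", "path": "D:\\"}
{"pid": 4120, "image": "C:\\Users\\admin\\AppData\\Local\\Temp\\sample.exe", "op": "file_read", "path": "E:\\"}
{"pid": 4120, "image": "C:\\Users\\admin\\AppData\\Local\\Temp\\sample.exe", "op": "reg_set", "key": "HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon", "value": "LegalNoticeText", "data": "Sample notice text"}
{"pid": 4120, "image": "C:\\Users\\admin\\AppData\\Local\\Temp\\sample.exe", "op": "reg_set", "key": "HKCU\\Control Panel\\Desktop", "value": "Wallpaper", "data": "C:\\Users\\admin\\AppData\\Local\\Temp\\wall.bmp"}
{"pid": 812, "image": "C:\\Windows\\explorer.exe", "op": "reg_query", "key": "HKCU\\Control Panel\\International\\Geo", "value": "Nation"}
{"pid": 812, "image": "C:\\Windows\\explorer.exe", "op": "reg_set", "key": "HKCU\\Control Panel\\Desktop", "value": "Wallpaper", "data": "C:\\Windows\\Web\\Wallpaper\\Windows\\img0.jpg"}
"""

# Registry keys and file names behind each signature in the report.
GEO_RE = re.compile(r"\\Control Panel\\International\\Geo$", re.IGNORECASE)
WINLOGON_RE = re.compile(r"\\CurrentVersion\\Winlogon$", re.IGNORECASE)
DESKTOP_RE = re.compile(r"\\Control Panel\\Desktop$", re.IGNORECASE)
# Chromium (Login Data, Web Data, Cookies) and Firefox (logins.json, key4.db,
# cookies.sqlite) credential/cookie stores.
BROWSER_RE = re.compile(
    r"\\(Login Data|Web Data|Cookies|logins\.json|key4\.db|cookies\.sqlite)$",
    re.IGNORECASE,
)
DRIVE_ROOT_RE = re.compile(r"^[A-Z]:\\$", re.IGNORECASE)


def classify(event):
    """Map one normalised event to the report's signature name, or None."""
    op = event.get("op")
    if op == "reg_query" and GEO_RE.search(event["key"]) and event.get("value") in ("Nation", "Name"):
        return "Checks computer location settings"
    if op == "reg_set" and WINLOGON_RE.search(event["key"]):
        return "Modifies WinLogon"
    if op == "reg_set" and DESKTOP_RE.search(event["key"]) and event.get("value") == "Wallpaper":
        return "Sets desktop wallpaper using registry"
    if op == "file_read":
        path = event["path"]
        if BROWSER_RE.search(path):
            return "Reads user/profile data of web browsers"
        # Root of any volume except the default C: drive.
        if DRIVE_ROOT_RE.match(path) and not path.upper().startswith("C:"):
            return "Enumerates connected drives"
    return None


def scan(lines):
    """Group distinct matched signatures by (pid, image)."""
    hits = defaultdict(set)
    for line in lines:
        line = line.strip()
        if not line:
            continue
        event = json.loads(line)
        signature = classify(event)
        if signature:
            hits[(event["pid"], event["image"])].add(signature)
    return {proc: sorted(sigs) for proc, sigs in hits.items()}


def suspicious(hits, threshold=3):
    """Processes whose distinct signature count reaches the threshold.

    explorer.exe legitimately reads Geo\\Nation and sets the wallpaper, so a
    single hit is noise; the combination of several behaviours is the signal.
    """
    return [proc for proc, sigs in hits.items() if len(sigs) >= threshold]


if __name__ == "__main__":
    results = scan(SAMPLE_EVENTS.splitlines())
    for (pid, image), sigs in results.items():
        print(f"{pid} {image}")
        for sig in sigs:
            print(f"    {sig}")
    print("suspicious:", suspicious(results))
```

Run as a script it prints the per-process signature list and flags only the sample process; explorer.exe matches two of the same rules but stays below the threshold. The threshold is a crude stand-in for the weighting a real rule set would apply (a Winlogon write by an unsigned binary in %TEMP% deserves far more weight than a Geo\Nation read).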

MITRE ATT&CK Enterprise v15

Tasks