Overview

overview

10

Static

static

10

5c8280c322...aa.exe

windows7-x64

10

5c8280c322...aa.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5c8280c3226fa7078d7dae2f343e255ae2ecda2b0e1ba7348836d967eb35c5aa.sample

  • Size

    277KB

  • Sample

    240227-v9h2pafe9x

  • MD5

    2f5906278b79fd23837acbf174caeec1

  • SHA1

    e5d9fbcc61665b19d0810d01617e762c3c9d9b99

  • SHA256

    5c8280c3226fa7078d7dae2f343e255ae2ecda2b0e1ba7348836d967eb35c5aa

  • SHA512

    fc99c2c80ca1064923178f5a3baaacb405544b26b44d0c3f3d609a1bb6628be18252a87d44ea9d4f4c8d82f31271a4cb9fd8c02eb2d4aaa12c153fd5c2ba5acc

  • SSDEEP

    6144:6Z1gm4z+Rp4PCL8YM6c2G/FtmUPvo39UPdWNN4:6l4qnM6c26s39hNN4

Score
10/10
medusalocker

Malware Config

Targets

    • Target

      5c8280c3226fa7078d7dae2f343e255ae2ecda2b0e1ba7348836d967eb35c5aa.sample

    • Size

      277KB

    • MD5

      2f5906278b79fd23837acbf174caeec1

    • SHA1

      e5d9fbcc61665b19d0810d01617e762c3c9d9b99

    • SHA256

      5c8280c3226fa7078d7dae2f343e255ae2ecda2b0e1ba7348836d967eb35c5aa

    • SHA512

      fc99c2c80ca1064923178f5a3baaacb405544b26b44d0c3f3d609a1bb6628be18252a87d44ea9d4f4c8d82f31271a4cb9fd8c02eb2d4aaa12c153fd5c2ba5acc

    • SSDEEP

      6144:6Z1gm4z+Rp4PCL8YM6c2G/FtmUPvo39UPdWNN4:6l4qnM6c26s39hNN4

    Score
    10/10

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks