Overview

overview

7

Static

static

3

c26f792bcc...2f.exe

windows7-x64

7

c26f792bcc...2f.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c26f792bcc3b93dd25265df6b5e3932f

  • Size

    206KB

  • Sample

    240312-ex9qwagc9w

  • MD5

    c26f792bcc3b93dd25265df6b5e3932f

  • SHA1

    34cda58e8de15bdc471845a21e4741715adc889f

  • SHA256

    43b86e7fe17b7adbdd0bda99a5d5743647843437fbebb5559216228da032c43f

  • SHA512

    4bda625bfb6ff82af3f0a27b2ecbb359d5dbf10f341f2eb20a4334611a19c9d7fef295c5319cf8a09f69b4d25b294361a010de72abbdcc3d051db8e0e8998bd0

  • SSDEEP

    3072:xKmKRFf3aNFtQjuOU/Lu/d5ZrKTFj2m/CGPVHzzgd2HPVVf9AebuLFfK9s7IDNgv:MmeaNIuD/Lu/dC3/rak9gorD6v

Score
7/10
bootkitpersistenceransomware

Malware Config

Targets

    • Target

      c26f792bcc3b93dd25265df6b5e3932f

    • Size

      206KB

    • MD5

      c26f792bcc3b93dd25265df6b5e3932f

    • SHA1

      34cda58e8de15bdc471845a21e4741715adc889f

    • SHA256

      43b86e7fe17b7adbdd0bda99a5d5743647843437fbebb5559216228da032c43f

    • SHA512

      4bda625bfb6ff82af3f0a27b2ecbb359d5dbf10f341f2eb20a4334611a19c9d7fef295c5319cf8a09f69b4d25b294361a010de72abbdcc3d051db8e0e8998bd0

    • SSDEEP

      3072:xKmKRFf3aNFtQjuOU/Lu/d5ZrKTFj2m/CGPVHzzgd2HPVVf9AebuLFfK9s7IDNgv:MmeaNIuD/Lu/dC3/rak9gorD6v

    Score
    7/10
    bootkitpersistenceransomware

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence

    • Sets desktop wallpaper using registry

      ransomware
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks