Overview

overview

10

Static

static

10

ransomware...om.exe

windows7-x64

10

ransomware...om.exe

windows10-2004-x64

10

ransomware...ab.exe

windows7-x64

10

ransomware...ab.exe

windows10-2004-x64

10

ransomware...ye.exe

windows7-x64

10

ransomware...ye.exe

windows10-2004-x64

10

ransomware...ni.exe

windows7-x64

10

ransomware...ni.exe

windows10-2004-x64

10

ransomware...pt.exe

windows7-x64

10

ransomware...pt.exe

windows10-2004-x64

4

ransomware...ya.exe

windows7-x64

7

ransomware...ya.exe

windows10-2004-x64

7

ransomware...en.exe

windows7-x64

8

ransomware...en.exe

windows10-2004-x64

8

ransomware...ky.exe

windows7-x64

1

ransomware...ky.exe

windows10-2004-x64

1

ransomware...ha.exe

windows7-x64

6

ransomware...ha.exe

windows10-2004-x64

6

ransomware...V2.exe

windows7-x64

6

ransomware...V2.exe

windows10-2004-x64

6

ransomware...om.exe

windows7-x64

10

ransomware...om.exe

windows10-2004-x64

10

ransomware...ya.exe

windows7-x64

10

ransomware...ya.exe

windows10-2004-x64

10

ransomware...d).exe

windows7-x64

6

ransomware...d).exe

windows10-2004-x64

6

ransomware...ap.exe

windows7-x64

1

ransomware...ap.exe

windows10-2004-x64

1

ransomware....A.exe

windows7-x64

6

ransomware....A.exe

windows10-2004-x64

6

ransomware...er.exe

windows7-x64

6

ransomware...er.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    118s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    15-03-2024 21:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ransomwares/PetyaMFTDestroyer/PetyaMFTDestroyer.exe

  • Size

    14KB

  • MD5

    a8a9916266bd2cbbca8850c6c67a915c

  • SHA1

    5aeb52141addd70e408761d9bdad00751b995eac

  • SHA256

    07f5eeb863d8e000fd24cffbf278fae627a0872afb03db01f700355656a883fd

  • SHA512

    21e11f9d7b93dceb740fe157d6cc006ad24cb92d51769c471cdd8e63da8e87eacb8350cf8365ba7b64370ec8cc5ca6800d010fa266044a9706e9e347fbb03fef

  • SSDEEP

    192:gcUFGq6c+3a6mY49OD2JgH+q3QQ4B/W1bSyg+0SfEl:geaHYzyJE+q3QQ4B/WUyg7

Score
6/10
bootkitpersistence

Malware Config

Signatures

  • Writes to the Master Boot Record (MBR) 1 TTPs 1 IoCs

    Bootkits write to the MBR to gain persistence at a level below the operating system.

    bootkitpersistence

Processes

  • C:\Users\Admin\AppData\Local\Temp\ransomwares\PetyaMFTDestroyer\PetyaMFTDestroyer.exe
    "C:\Users\Admin\AppData\Local\Temp\ransomwares\PetyaMFTDestroyer\PetyaMFTDestroyer.exe"
    1⤵
    • Writes to the Master Boot Record (MBR)
    PID:2192

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads