4526ae4561821d6b114ad8e12c0ed0bd416fe890ede8b75c875026640a8b866e | Triage

Sharing

General

Target

2024-03-15_a44ee9c467d45ed3d8e86ec165017539_ransomlock
Size

436KB
Sample

240315-lz74dsfg27
MD5

a44ee9c467d45ed3d8e86ec165017539
SHA1

efbbf15fb3466d78e8a57d24da3a05b9a4a33453
SHA256

4526ae4561821d6b114ad8e12c0ed0bd416fe890ede8b75c875026640a8b866e
SHA512

9d56372cd224ef3eb70678ed1be0578326de0307a7cc7e1b06a7ad3987640a97a6df39e13c310eaa725893f7fd622522838c81e16c88a02ac1094cb3bb36c0bd
SSDEEP

12288:7MSU4joci8M6PW1GVFeFd60DFUyhezYM:ASUCpM2W1Gvgmyezv

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  2024-03-15_a44ee9c467d45ed3d8e86ec165017539_ransomlock
- Size
  
  436KB
- MD5
  
  a44ee9c467d45ed3d8e86ec165017539
- SHA1
  
  efbbf15fb3466d78e8a57d24da3a05b9a4a33453
- SHA256
  
  4526ae4561821d6b114ad8e12c0ed0bd416fe890ede8b75c875026640a8b866e
- SHA512
  
  9d56372cd224ef3eb70678ed1be0578326de0307a7cc7e1b06a7ad3987640a97a6df39e13c310eaa725893f7fd622522838c81e16c88a02ac1094cb3bb36c0bd
- SSDEEP
  
  12288:7MSU4joci8M6PW1GVFeFd60DFUyhezYM:ASUCpM2W1Gvgmyezv
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Modifies Installed Components in the registry
  persistence
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2