Overview

overview

10

Static

static

1

ce7104bc85...59.exe

windows7-x64

10

ce7104bc85...59.exe

windows10-1703-x64

10

ce7104bc85...59.exe

windows10-2004-x64

10

ce7104bc85...59.exe

windows11-21h2-x64

10

Resubmissions

16-03-2024 15:50

240316-s93d8aga69 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ce7104bc850c5a07a867cadb8f4bfa59

  • Size

    1.1MB

  • Sample

    240414-nxzqcabc2z

  • MD5

    ce7104bc850c5a07a867cadb8f4bfa59

  • SHA1

    ee1c80c04d2505bd0675e42317ce702c99a9c38e

  • SHA256

    cd2bc2ceb0e1b7d7c31f7a2aec7e838d3a90767ed3d02e1720170875e4a23cb6

  • SHA512

    74f84a2c6b73c8519d3ec6b36a996c0cfc4d956c234200ed0e69a262fd66c224fdcf694a13fb1aa9cbbe5880afd9641725fe8d380196214a479ef8dc29fdc73b

  • SSDEEP

    24576:0HtrdKYVVSrqGDohJ3STZG8vIn/sCBGnWsY03+C:0HtV7GwBSTc8An/4YJC

Score
10/10
troldeshdiscoverypersistenceransomwarespywarestealertrojanupx

Malware Config

Targets

    • Target

      ce7104bc850c5a07a867cadb8f4bfa59

    • Size

      1.1MB

    • MD5

      ce7104bc850c5a07a867cadb8f4bfa59

    • SHA1

      ee1c80c04d2505bd0675e42317ce702c99a9c38e

    • SHA256

      cd2bc2ceb0e1b7d7c31f7a2aec7e838d3a90767ed3d02e1720170875e4a23cb6

    • SHA512

      74f84a2c6b73c8519d3ec6b36a996c0cfc4d956c234200ed0e69a262fd66c224fdcf694a13fb1aa9cbbe5880afd9641725fe8d380196214a479ef8dc29fdc73b

    • SSDEEP

      24576:0HtrdKYVVSrqGDohJ3STZG8vIn/sCBGnWsY03+C:0HtV7GwBSTc8An/4YJC

    Score
    10/10
    troldeshdiscoverypersistenceransomwarespywarestealertrojanupx

    • Troldesh, Shade, Encoder.858

      Troldesh is a ransomware spread by malspam.

      ransomwaretrojantroldesh

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2behavioral3behavioral4

MITRE ATT&CK Enterprise v15

Tasks