Overview

overview

10

Static

static

3

48689c986e...2c.exe

windows7-x64

10

48689c986e...2c.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4fe6e2ac319397f53a6ea46e77cde425187df6fca2f0f630fc0f5d6eb0901ae1

  • Size

    570KB

  • Sample

    240417-qgk85aad7w

  • MD5

    81c96278fb83c436d0fd8aaae5db5ee6

  • SHA1

    93081fa2fc13d69480426d9c38921c78a3edc35c

  • SHA256

    4fe6e2ac319397f53a6ea46e77cde425187df6fca2f0f630fc0f5d6eb0901ae1

  • SHA512

    c8b561135677b5942f16f01d608b2e7ee3a8eaeac19b1fe752120567789689097cd2243226ec5331b0a830fe9ed4b6e2575341b7d368a6b9759e485d93bf175e

  • SSDEEP

    12288:9mL2/mMj8gMDnzorOwLWeWXt8yLXFrdTFq6Of1+X952n:9m0mMj4jzoCwnuxTg1M2n

Score
10/10
avaddonevasionransomwaretrojan

Malware Config

Targets

    • Target

      48689c986eb553e6a7aeba973501b9660cb1418d4ec3ba9d0511f82799d1422c.exe

    • Size

      645KB

    • MD5

      79cdf459683c39e9704a37a6be9bc877

    • SHA1

      450d4f351c3dd168e313b309da4bd8a817453d1d

    • SHA256

      48689c986eb553e6a7aeba973501b9660cb1418d4ec3ba9d0511f82799d1422c

    • SHA512

      2cc3f164e92650c4d4aed7012da7d303d24cdc63565ed744a28cb6d59465189233a128a01f4b807aa972057e0d0d98742c5ca9b41a67bf59f0f115de30eb6bd4

    • SSDEEP

      12288:Ya8gND5n7gG2WERaCyDVbdlSQLeYBgdAULx9mutZo5B:YgNDBg3JRaCyDVplSUBgrHtZor

    Score
    10/10
    avaddonevasionransomwaretrojan

    • Avaddon

      Ransomware-as-a-service first released in June 2020 and currently expanding its userbase among criminal actors.

      ransomwareavaddon

    • Avaddon payload

    • UAC bypass

      evasiontrojan

    • Deletes shadow copies

      Ransomware often targets backup files to inhibit system recovery.

      ransomware

    • Renames multiple (165) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

      ransomware

    • Checks whether UAC is enabled

      evasiontrojan

    • Drops desktop.ini file(s)

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks