hxxps://samples[.]vx-underground[.]org/Samples/Families/CryptoFortress/26F13C4AD8C1CCF81E80A556CF6DB0AF[.]7z | Triage

Submit
Reports

Overview

overview

9

Static

static

1

URLScan

urlscan

1

https://samples.vx-u...

windows10-2004-x64

9

Sharing

General

Target

https://samples.vx-underground.org/Samples/Families/CryptoFortress/26F13C4AD8C1CCF81E80A556CF6DB0AF.7z
Sample

240425-lcnfgahd47

Score

9^/10

evasion persistence ransomware trojan

Static task

static1

URLScan task

urlscan1

Behavioral task

behavioral1

Sample

https://samples.vx-underground.org/Samples/Families/CryptoFortress/26F13C4AD8C1CCF81E80A556CF6DB0AF.7z

Resource

win10v2004-20240412-en

evasion persistence ransomware trojan

windows10-2004-x64

19 signatures

300 seconds

Malware Config

Targets

- Target
  
  https://samples.vx-underground.org/Samples/Families/CryptoFortress/26F13C4AD8C1CCF81E80A556CF6DB0AF.7z
Score

9^/10

evasion persistence ransomware trojan
- Deletes shadow copies
  Ransomware often targets backup files to inhibit system recovery.
  ransomware
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Indicator Removal

File Deletion

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Inhibit System Recovery

Resource Development

Reconnaissance

Tasks

static1

urlscan1

behavioral1

evasionpersistenceransomwaretrojan

© 2018-2024

Terms | Privacy