bd8c6adf7c223acdc31c1d45d178a10e6fada771f8d89adc33b4b08321af5706 | Triage

Submit
Reports

Overview

overview

9

Static

static

1

huh.jpg

windows7-x64

3

huh.jpg

windows10-2004-x64

Sharing

General

Target

huh.jpg
Size

33KB
Sample

240426-d4wbdshe74
MD5

34ad6f121111013d7f91b7607866b8e4
SHA1

af32d617ccbfe230abaa98cc9c9dcc67921916c6
SHA256

bd8c6adf7c223acdc31c1d45d178a10e6fada771f8d89adc33b4b08321af5706
SHA512

fd7791ab40a5c09ff9bf07f3a6bfee63f8ad82a38f8da3616ff23ce82833d07f4705dced7a42196c4fca7de5b2de0d7ba6ceb5b30fccff78208d55472be2f499
SSDEEP

384:jPbSglvPzcUDCwI8e8EaVlmfyP5KR3QGcBemCi9nHqYatFXyMK/Lj/i5KGTfEB:3RxzcmCwI0lKRJIFHqYaPue/TU

Score

9^/10

discovery evasion ransomware

Static task

static1

Behavioral task

behavioral1

Sample

huh.jpg

Resource

win7-20240221-en

windows7-x64

2 signatures

1800 seconds

Behavioral task

behavioral2

Sample

huh.jpg

Resource

win10v2004-20240412-en

discovery evasion ransomware

windows10-2004-x64

21 signatures

1800 seconds

Malware Config

Targets

- Target
  
  huh.jpg
- Size
  
  33KB
- MD5
  
  34ad6f121111013d7f91b7607866b8e4
- SHA1
  
  af32d617ccbfe230abaa98cc9c9dcc67921916c6
- SHA256
  
  bd8c6adf7c223acdc31c1d45d178a10e6fada771f8d89adc33b4b08321af5706
- SHA512
  
  fd7791ab40a5c09ff9bf07f3a6bfee63f8ad82a38f8da3616ff23ce82833d07f4705dced7a42196c4fca7de5b2de0d7ba6ceb5b30fccff78208d55472be2f499
- SSDEEP
  
  384:jPbSglvPzcUDCwI8e8EaVlmfyP5KR3QGcBemCi9nHqYatFXyMK/Lj/i5KGTfEB:3RxzcmCwI0lKRJIFHqYaPue/TU
Score

9^/10

discovery evasion ransomware
- Modifies boot configuration data using bcdedit
  ransomware evasion
- Blocklisted process makes network request
- Downloads MZ/PE file
- Executes dropped EXE
- Modifies file permissions
  discovery
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Query Registry

Peripheral Device Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

Impact

Inhibit System Recovery

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

discoveryevasionransomware

© 2018-2024

Terms | Privacy