efea8977035c1cb35117e4724ca9aa6cf9f72fe75edf4f48c56f31f85a29b334 | Triage

Sharing

General

Target

stanley.zip
Size

2.0MB
Sample

240430-lfww1sha78
MD5

ab131f710af8769b69070f7925a0509f
SHA1

440a4323cf16662d9f3d02807525c1f4d116526b
SHA256

efea8977035c1cb35117e4724ca9aa6cf9f72fe75edf4f48c56f31f85a29b334
SHA512

e81bc6bfe35243343ef9a24f43d622722708a466d51f98bffd27b6293947e15bc781edebb4ec30b2349084037e8dedfcddb77307167f65bad62f16017ada6988
SSDEEP

49152:h1Zrj5mIT594UEv4eiuAHWRKuRpWSBjnCLy3ka74UIjbLV57Q:h/5mG0v9iNq7Rym74UCL0

Score

5^/10

ransomware

Malware Config

Targets

- Target
  
  data/IMP.BAT
- Size
  
  434B
- MD5
  
  427f7caf339fb2af92328deb0934c628
- SHA1
  
  e27ab23b826e6868c34f7c49a66727866b0107c6
- SHA256
  
  b0a692610583f147f890e58a7028f99cd6ae141adcdbbedeb3447659b5057d2a
- SHA512
  
  f6db5bf109ee1c4690c2fb61b0d185ada79c272c153a3f2f9b1daf4cabf7ff3e3a3db71416d2a795fde892f6cdd4a138f2f60dbc468fde04490689f18e1fb161
Score

1^/10
behavioral1
- Target
  
  subtostanleymovV4.exe
- Size
  
  89KB
- MD5
  
  9f3c3eb9c5ebb526b4c596b092c63fe7
- SHA1
  
  be04c22851bc9a212c043920341428155364070c
- SHA256
  
  69c20c7008dd020ff4709e5589522d072759d5d133cd9bdda00879e00f33c65a
- SHA512
  
  e93aa0434e1868c7e685508594b653bcd612755ef0ba574228a970fa314540945e7b7e1c99c513a28c5c5a2dbdb8798cf092afd5f6020049c091777253913540
- SSDEEP
  
  1536:f7fbN3eEDhDPA/pICdUkbBtW7upvaLU0bI5taxKo0IOlnToIfiwfO:T7DhdC6kzWypvaQ0FxyNTBficO
Score

5^/10

ransomware
- Sets desktop wallpaper using registry
  ransomware
behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Defacement

Tasks

static1

behavioral1

behavioral2