aa77cb573aa734527d1656e40fb7b971e5d1b3a30b213e460bd0de85ed00d05c | Triage

Sharing

General

Target

excel.zip
Size

8.6MB
Sample

240516-kha7nacc2y
MD5

fbf1571ba16838c2525b29adf5afb5af
SHA1

198e7b2c54131031104220168a7659824dc019fb
SHA256

aa77cb573aa734527d1656e40fb7b971e5d1b3a30b213e460bd0de85ed00d05c
SHA512

e0d0cef46803678b66178a83e1bae19c137453c7755d0cef0833404e31d61d4c86c38e2dcb72119025d3cc4025177b370bf6e7d20d56811ba5e07cbdd6a46650
SSDEEP

196608:x5oopuAgDXm4Y3L1DHv2b8N/ZgtbaW4M/OLr:2DVY75HcOZabaEOv

Score

7^/10

pyinstaller ransomware

Malware Config

Targets

- Target
  
  Tableau excel compta/bg.jpg
- Size
  
  132KB
- MD5
  
  92c3f660d12ab71e3a1da3574832bd2d
- SHA1
  
  496c95be1fe11b9a3353c11e31f21444ef30c1e6
- SHA256
  
  1608268cc3dbf33f6296c2a517fcd1d8719e0cc9e866ff3a85d76c95c569d368
- SHA512
  
  3b7d0fad1e4c84c54b60cda622ce61c343bf151594a3f2da1fb03482c67f9636128318063d02b3b070b110d0d6ed6d8cc4ff449feb1bbf53c2439247a6d2c2d8
- SSDEEP
  
  1536:+MIa/Yl3TlmbzmO6f0gpAn8g0IjAWXMhjHXNTeGlEw/lNRFPoCRRY64TVqK3R7+q:wa/YtlMz15g6n8g0IZMpdfWwR9chMiCs
Score

3^/10
behavioral1
- Target
  
  Tableau excel compta/excel.exe
- Size
  
  8.7MB
- MD5
  
  d3fbb9683e3122c5df40b6b8a381f076
- SHA1
  
  0fc12361a0165255b466d35916053d3770b86d20
- SHA256
  
  b8f08ac8a1c7aeced3b34c44f6428c51e27fa588f40dceb11f84fd1356828813
- SHA512
  
  240eab7f9b3eb6d0d16e9beb323b3367ee685f1bf3057785595ed9e676791192caab7946719989fe62445ef4001f07bb92be6d1fc37d8682cd60eb5c7ef82f2c
- SSDEEP
  
  196608:shDivrHisAV5GrgSYb8w8ehA+uWJysVYvsOXoyMxxvjDDAxgIE8Ggx:djHiV8YI62WJooyMxtDDAxgIp
Score

7^/10

ransomware
- Loads dropped DLL
- Sets desktop wallpaper using registry
  ransomware
behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Defacement

Tasks

static1

behavioral1

behavioral2