8d1cee07b1f4153c602c7af67f13391da300cc488e69b59279b1a8d75106d864 | Triage

Sharing

General

Target

malware.txt
Size

6KB
Sample

240519-tcg8fsdh87
MD5

e0776095121712202c80802058348633
SHA1

6915df50e7944d289d789085428fd73ba01c6653
SHA256

8d1cee07b1f4153c602c7af67f13391da300cc488e69b59279b1a8d75106d864
SHA512

7aaf8b33a91da07a62f9491c50c4637e9f1fee83d76ef3df9dc6843f1448457a93f892a1a1d93566aea2d08e9abcbfa25a943b52984f8669949eb2509d8ce1a6
SSDEEP

96:qD2WSNb8mN8r9f4PPfMSHnx2gqoij8RW8E/zmdPzWdEKuWP2W9NukS/Mom2i:qD8qrZgX7yrCdPidfbUG2i

Score

10^/10

discovery evasion execution exploit persistence ransomware trojan

Malware Config

Targets

- Target
  
  malware.txt
- Size
  
  6KB
- MD5
  
  e0776095121712202c80802058348633
- SHA1
  
  6915df50e7944d289d789085428fd73ba01c6653
- SHA256
  
  8d1cee07b1f4153c602c7af67f13391da300cc488e69b59279b1a8d75106d864
- SHA512
  
  7aaf8b33a91da07a62f9491c50c4637e9f1fee83d76ef3df9dc6843f1448457a93f892a1a1d93566aea2d08e9abcbfa25a943b52984f8669949eb2509d8ce1a6
- SSDEEP
  
  96:qD2WSNb8mN8r9f4PPfMSHnx2gqoij8RW8E/zmdPzWdEKuWP2W9NukS/Mom2i:qD8qrZgX7yrCdPidfbUG2i
Score

10^/10

discovery evasion execution exploit persistence ransomware trojan
- UAC bypass
  evasion trojan
- Modifies boot configuration data using bcdedit
  ransomware evasion
- Creates new service(s)
  persistence execution
- Disables RegEdit via registry modification
  evasion
- Disables Task Manager via registry modification
  evasion
- Modifies Windows Firewall
  evasion
- Possible privilege escalation attempt
  exploit
- Modifies file permissions
  discovery
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

System Services

Service Execution

Command and Scripting Interpreter

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Abuse Elevation Control Mechanism

Bypass User Account Control

Create or Modify System Process

Windows Service

Defense Evasion

Abuse Elevation Control Mechanism

Bypass User Account Control

Impair Defenses

Disable or Modify Tools

Disable or Modify System Firewall

Modify Registry

File and Directory Permissions Modification

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Inhibit System Recovery

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

discoveryevasionexecutionexploitpersistenceransomwaretrojan