Overview

overview

8

Static

static

1

LDPlayer9_...1).exe

windows7-x64

6

LDPlayer9_...1).exe

windows10-2004-x64

Resubmissions

20/05/2024, 21:48

240520-1nt5qahd6z 8

20/05/2024, 21:47

240520-1m8aysgg76 1

Sharing

Copy URL Twitter E-mail

General

  • Target

    LDPlayer9_es_1260_ld (1).exe

  • Size

    12.3MB

  • Sample

    240520-1nt5qahd6z

  • MD5

    53267fb7397aef58b1025636f8eed6b8

  • SHA1

    bc2e7965b2a5d10de452dd590ffef7328b48e1bf

  • SHA256

    815165ed2cfb5dee2b8c061f6436366b9d72e464dcc83db9c3c036475a875d5e

  • SHA512

    bd966609dc941d64bb379913a8258f2c8b9712e76c8ea5a4c5f842aa86714c1a39d918b71f170491c08e40ffe6f6fe236a7cd025b93902b75080adb43056af9f

  • SSDEEP

    393216:P9JRaxbxp41TXj2w5311sHznZc+TEI4gw:1ibxWT6w5AbZbTNC

Score
8/10
evasionransomware

Malware Config

Targets

    • Target

      LDPlayer9_es_1260_ld (1).exe

    • Size

      12.3MB

    • MD5

      53267fb7397aef58b1025636f8eed6b8

    • SHA1

      bc2e7965b2a5d10de452dd590ffef7328b48e1bf

    • SHA256

      815165ed2cfb5dee2b8c061f6436366b9d72e464dcc83db9c3c036475a875d5e

    • SHA512

      bd966609dc941d64bb379913a8258f2c8b9712e76c8ea5a4c5f842aa86714c1a39d918b71f170491c08e40ffe6f6fe236a7cd025b93902b75080adb43056af9f

    • SSDEEP

      393216:P9JRaxbxp41TXj2w5311sHznZc+TEI4gw:1ibxWT6w5AbZbTNC

    Score
    8/10
    evasionransomware

    • Disables Task Manager via registry modification

      evasion

    • Downloads MZ/PE file

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Sets desktop wallpaper using registry

      ransomware
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks