Overview

overview

9

Static

static

3

BhaggoQuic...up.exe

windows7-x64

7

BhaggoQuic...up.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    BhaggoQuickCleanerSetup.exe

  • Size

    20.0MB

  • Sample

    240522-v1c43sad96

  • MD5

    88370493f8ae3b4373d713fff1737ef4

  • SHA1

    fcb57fb45e2d08e54521dcc622df6b3fa1180a4f

  • SHA256

    adc907859265c570547e9e7ee415c3ce59e4d4c7aad6697f9a6fbd7a58667cae

  • SHA512

    8c6fcc0eb6bae1f8dbf1810d521c0135d11985aabda77dcdff47a063abbbbbf0712c1d25f0dc31a912e6d8eea2f559f732afd28e8f1dbe67762fb4bed8caf10d

  • SSDEEP

    393216:ckYaNG8EHcAzgx2m+Zf0Hve8Y4Qxt/7Jv9WqKK/6RS6ATf:cwG5HGx2/Me4+raU6RCf

Score
9/10
discoveryevasionexecutionransomware

Malware Config

Targets

    • Target

      BhaggoQuickCleanerSetup.exe

    • Size

      20.0MB

    • MD5

      88370493f8ae3b4373d713fff1737ef4

    • SHA1

      fcb57fb45e2d08e54521dcc622df6b3fa1180a4f

    • SHA256

      adc907859265c570547e9e7ee415c3ce59e4d4c7aad6697f9a6fbd7a58667cae

    • SHA512

      8c6fcc0eb6bae1f8dbf1810d521c0135d11985aabda77dcdff47a063abbbbbf0712c1d25f0dc31a912e6d8eea2f559f732afd28e8f1dbe67762fb4bed8caf10d

    • SSDEEP

      393216:ckYaNG8EHcAzgx2m+Zf0Hve8Y4Qxt/7Jv9WqKK/6RS6ATf:cwG5HGx2/Me4+raU6RCf

    Score
    9/10
    discoveryevasionexecutionransomware

    • Clears Windows event logs

      evasionransomware

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks