5bb5aaa3120c863b9f4ac00f2e0ea9b10f70a182f8d276f1e84a25c978dc502e | Triage

Sharing

General

Target

c3c49015b89201266d2513b4b3622dfa.bin
Size

9.9MB
Sample

240601-dvletsgf85
MD5

c3c49015b89201266d2513b4b3622dfa
SHA1

0bfeb9c05eb86d4e7c68eadf0779c340e7ed53d1
SHA256

5bb5aaa3120c863b9f4ac00f2e0ea9b10f70a182f8d276f1e84a25c978dc502e
SHA512

9b2c41b4a719baeab6961e0dc946092735db509ff2c216e3a0e486b6610ea59c50d50efb0bbe10773b7dfa86395ae4dce65bcabd2ea1893ea3dac5b3e542ba0e
SSDEEP

98304:3u5x6M1WopNhS9Yw8yPNhS9Yw8yuFhHZhANhS9Yw8yE:AiewflwfAh+wfE

Score

8^/10

persistence ransomware

Malware Config

Targets

- Target
  
  c3c49015b89201266d2513b4b3622dfa.bin
- Size
  
  9.9MB
- MD5
  
  c3c49015b89201266d2513b4b3622dfa
- SHA1
  
  0bfeb9c05eb86d4e7c68eadf0779c340e7ed53d1
- SHA256
  
  5bb5aaa3120c863b9f4ac00f2e0ea9b10f70a182f8d276f1e84a25c978dc502e
- SHA512
  
  9b2c41b4a719baeab6961e0dc946092735db509ff2c216e3a0e486b6610ea59c50d50efb0bbe10773b7dfa86395ae4dce65bcabd2ea1893ea3dac5b3e542ba0e
- SSDEEP
  
  98304:3u5x6M1WopNhS9Yw8yPNhS9Yw8yuFhHZhANhS9Yw8yE:AiewflwfAh+wfE
Score

8^/10

persistence ransomware
- Drops file in Drivers directory
- Adds Run key to start application
  persistence
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Defacement

Tasks

static1

behavioral1

behavioral2

persistenceransomware