General

  • Target: 2024-03-06_21-25-25.z01
  • Size: 25.0MB
  • Sample: 240630-wd6njs1gjh
  • MD5: f2bd3fdfb9d75bfbc4ee8be3029f8b71
  • SHA1: 4af2233a3584b6e3a6d98dd30853e73cac24bf26
  • SHA256: a81e89d335231c17935ef5b07664b501a2737c028dba9d5c1bbce8c068a069cc
  • SHA512: e594195a98a11ce8b5d55f1e99676450584b089f95073ad9d45d524d8638a2227eeee90039c72a95798d6d870ba28b43178927704d9cba8509d70e314755de34
  • SSDEEP: 393216:NxYXp34f1RfHFicxtyu4UzQTwnYQi9CHftSW9UPck5iFBoq8kvcYOFk0EbuvGIs9:NeXc4UNmd9kftSx5iAvkCTz5yN

Score: 8/10

Malware Config

Targets

    • Target: 2024-03-06_21-25-25.z01

    • Disables Task Manager via registry modification

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Legitimate hosting services abused for malware hosting/C2

    • Sets desktop wallpaper using registry

MITRE ATT&CK Enterprise v15

Tasks