Overview

overview

8

Static

static

1

text.txt

windows10-1703-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    text.txt

  • Size

    168B

  • Sample

    240808-swqs9sygmd

  • MD5

    10a317ca10f0fd2af4bf2043ff8dd8fd

  • SHA1

    c02bdb3aba83817ea599a004fcfbf09c419c326b

  • SHA256

    2dbd1033a26118d27915184864ad2a0add89d5ee3153eca157fadaa62ad19af5

  • SHA512

    192f635707607a716f2d12f191cbb12a42f65d1aa5446ea7a6fc6adfe8b1c88d3210488ceec2528d6e276593ed9603fac14939bb431b689702dd4f1829de44e0

Score
8/10
discoverypersistencephishingransomware

Malware Config

Targets

    • Target

      text.txt

    • Size

      168B

    • MD5

      10a317ca10f0fd2af4bf2043ff8dd8fd

    • SHA1

      c02bdb3aba83817ea599a004fcfbf09c419c326b

    • SHA256

      2dbd1033a26118d27915184864ad2a0add89d5ee3153eca157fadaa62ad19af5

    • SHA512

      192f635707607a716f2d12f191cbb12a42f65d1aa5446ea7a6fc6adfe8b1c88d3210488ceec2528d6e276593ed9603fac14939bb431b689702dd4f1829de44e0

    Score
    8/10
    discoverypersistencephishingransomware

    • Downloads MZ/PE file

    • Manipulates Digital Signatures

      Attackers can apply techniques such as changing the registry keys of authenticode & Cryptography to obtain their binary as valid.

    • Sets service image path in registry

      persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Sets desktop wallpaper using registry

      ransomware
    behavioral1

MITRE ATT&CK Enterprise v15

Tasks