7b55dfab141eb69abbe47267e396fe8ee6bc4054fc8d4a5d91049b950c7d84aa

General

Target

NoEscape.exe-Download-main.zip
Size

13.5MB
Sample

240901-zlfzmssala
MD5

6da84fd648c8811cc112f4fffe20a24d
SHA1

ba4f8d7fb51ee0a31b068cca51d5e5388c4b081b
SHA256

7b55dfab141eb69abbe47267e396fe8ee6bc4054fc8d4a5d91049b950c7d84aa
SHA512

0ba4c4379b77b465aa13af7ec295a9e7cc1421cff76e735890f46228af2f500202f879468322ad59b6d6ab06710828536ffcddee23093adf82498a365fee6bdb
SSDEEP

393216:8mpOKhF/fEB5KyYEvARy5DiydlufgDaDh5Z8sJzOvhz9R:8uB3f7koRseynegDU8sJzQR

Score

10^/10

Malware Config

Targets

- Target
  
  NoEscape.exe-Download-main/NoEscape.exe/NoEscape.exe
- Size
  
  666KB
- MD5
  
  989ae3d195203b323aa2b3adf04e9833
- SHA1
  
  31a45521bc672abcf64e50284ca5d4e6b3687dc8
- SHA256
  
  d30d7676a3b4c91b77d403f81748ebf6b8824749db5f860e114a8a204bca5b8f
- SHA512
  
  e9d4e6295869f3a456c7ea2850c246d0c22afa65c2dd5161744ee5b3e29e44d9a2d758335f98001cdb348eaa51a71cd441b4ddc12c8d72509388657126e69305
- SSDEEP
  
  12288:85J5X487qJUtcWfkVJ6g5s/cD01oKHQyis2AePsr8nP712TB:s487pcZEgwcDpg1L2tbPR2t
Score

10^/10

discovery evasion persistence ransomware trojan
- Modifies WinLogon for persistence
  persistence
- UAC bypass
  evasion trojan
- Disables RegEdit via registry modification
  evasion
- Checks whether UAC is enabled
  evasion trojan
- Drops desktop.ini file(s)
- Modifies WinLogon
  persistence
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2
- Target
  
  NoEscape.exe-Download-main/NoEscape.exe/vc_redist.x86.exe
- Size
  
  13.1MB
- MD5
  
  1a15e6606bac9647e7ad3caa543377cf
- SHA1
  
  bfb74e498c44d3a103ca3aa2831763fb417134d1
- SHA256
  
  fdd1e1f0dcae2d0aa0720895eff33b927d13076e64464bb7c7e5843b7667cd14
- SHA512
  
  e8cb67fc8e0312da3cc98364b96dfa1a63150ab9de60069c4af60c1cf77d440b7dffe630b4784ba07ea9bf146bdbf6ad5282a900ffd6ab7d86433456a752b2fd
- SSDEEP
  
  393216:S1RPq5dCsKSR65cX7Eyd/qnejOFxP7OEnl4L/Vvc:yP5iw56oyleej2OEnlwc
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral3 behavioral4