Overview

overview

10

Static

static

1

image_2024...00.png

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    image_2024-09-22_223404200.png

  • Size

    9KB

  • Sample

    240922-x933zavcne

  • MD5

    7d424586ca6932a08bc7b1c79705a230

  • SHA1

    50b76d65330d4f6518c49c71eae8c3258ef65e6b

  • SHA256

    a91d657bf9193226811e515a1957e085d1e413142222c676b76ee29c44ea542d

  • SHA512

    5de75b9f199e979dfaccf666a7c1d536b560d34f6fe010f01088de6f628bc7c3ba1543e5ebb669e970511d8ff35673e98ac484a53abf0bab781bf18bd3a83d7a

  • SSDEEP

    192:gHasUDBNVK6CQg1ZpfwPfzTTwvnQScBuoHhn+KhUXpPj+:uaHYhXlfYLv0QS1oHMKmq

Score
10/10
badrabbitaspackv2discoveryevasionransomware

Malware Config

Targets

    • Target

      image_2024-09-22_223404200.png

    • Size

      9KB

    • MD5

      7d424586ca6932a08bc7b1c79705a230

    • SHA1

      50b76d65330d4f6518c49c71eae8c3258ef65e6b

    • SHA256

      a91d657bf9193226811e515a1957e085d1e413142222c676b76ee29c44ea542d

    • SHA512

      5de75b9f199e979dfaccf666a7c1d536b560d34f6fe010f01088de6f628bc7c3ba1543e5ebb669e970511d8ff35673e98ac484a53abf0bab781bf18bd3a83d7a

    • SSDEEP

      192:gHasUDBNVK6CQg1ZpfwPfzTTwvnQScBuoHhn+KhUXpPj+:uaHYhXlfYLv0QS1oHMKmq

    Score
    10/10
    badrabbitaspackv2discoveryevasionransomware

    • BadRabbit

      Ransomware family discovered in late 2017, mainly targeting Russia and Ukraine.

      ransomwarebadrabbit

    • Disables Task Manager via registry modification

      evasion

    • Downloads MZ/PE file

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

      aspackv2

    • Executes dropped EXE

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks