9895322791eff6a39516d3d73efc4584f4db8cb735f6bdf7fcadb8d38411950c

General

Target

png.png
Size

64KB
Sample

241002-bswfxazfmm
MD5

fea57639224bfb64aecab7c821757a88
SHA1

26881e715155700e8e93aafeb116c79e307289c0
SHA256

9895322791eff6a39516d3d73efc4584f4db8cb735f6bdf7fcadb8d38411950c
SHA512

155ad818d811b4e07aef07d4e67347320e7e6b358cbde7e15df9ba360382da5771ff1d50d47c8c3a6653ab319e993a97fac0f8cf42a730909b681be5ed845d39
SSDEEP

1536:lhUNQav6UZcZatsiMy2GyfKT4YLGjIgOtI3DfY2I:k2+6+xBKKT4YpHtIrVI

Score

10^/10

Malware Config

Targets

- Target
  
  png.png
- Size
  
  64KB
- MD5
  
  fea57639224bfb64aecab7c821757a88
- SHA1
  
  26881e715155700e8e93aafeb116c79e307289c0
- SHA256
  
  9895322791eff6a39516d3d73efc4584f4db8cb735f6bdf7fcadb8d38411950c
- SHA512
  
  155ad818d811b4e07aef07d4e67347320e7e6b358cbde7e15df9ba360382da5771ff1d50d47c8c3a6653ab319e993a97fac0f8cf42a730909b681be5ed845d39
- SSDEEP
  
  1536:lhUNQav6UZcZatsiMy2GyfKT4YLGjIgOtI3DfY2I:k2+6+xBKKT4YpHtIrVI
Score

10^/10

defense_evasion discovery evasion execution impact persistence privilege_escalation ransomware trojan
- Modifies WinLogon for persistence
  persistence
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- UAC bypass
  evasion trojan
- Deletes shadow copies
  Ransomware often targets backup files to inhibit system recovery.
  ransomware defense_evasion impact execution
- Disables RegEdit via registry modification
  evasion
- Disables Task Manager via registry modification
  evasion
- Disables use of System Restore points
  evasion
- Downloads MZ/PE file
- Event Triggered Execution: Image File Execution Options Injection
  persistence
- Modifies Windows Firewall
  evasion
- Executes dropped EXE
- Impair Defenses: Safe Mode Boot
  defense_evasion
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Legitimate hosting services abused for malware hosting/C2
behavioral1