Overview

overview

9

Static

static

3

dropper.exe

windows11-21h2-x64

9

Sharing

Copy URL Twitter E-mail

General

  • Target

    dropper.exe

  • Size

    118KB

  • Sample

    241004-kn2lssyflg

  • MD5

    50128b01d1a948ab52da46be4568edb0

  • SHA1

    61bd73d3f5062de8f852a55f8ad648fef1a412c6

  • SHA256

    1d1f2c6dd162030d4a972470b8af4be5fed90dc2c134d2ef64a69cff4332949a

  • SHA512

    2dc9901160ef08246174ee70fcb0f101c18f2cd503f6a941a71b3ff4f555fd71fb378d83c1824c1851dcd38f4b5cfd2b2177c6da9490d80e1a2a4d0ac8ba717d

  • SSDEEP

    1536:bB/ulGsSQDbE8icqZxx2ZEBPX4PXx4QkPJu6LFTRjmxzAWMT3rPrS1zOJBiWuuq3:bB/umH8RI2mBPX4+E4G

Score
9/10
defense_evasionexecutionimpactransomware

Malware Config

Targets

    • Target

      dropper.exe

    • Size

      118KB

    • MD5

      50128b01d1a948ab52da46be4568edb0

    • SHA1

      61bd73d3f5062de8f852a55f8ad648fef1a412c6

    • SHA256

      1d1f2c6dd162030d4a972470b8af4be5fed90dc2c134d2ef64a69cff4332949a

    • SHA512

      2dc9901160ef08246174ee70fcb0f101c18f2cd503f6a941a71b3ff4f555fd71fb378d83c1824c1851dcd38f4b5cfd2b2177c6da9490d80e1a2a4d0ac8ba717d

    • SSDEEP

      1536:bB/ulGsSQDbE8icqZxx2ZEBPX4PXx4QkPJu6LFTRjmxzAWMT3rPrS1zOJBiWuuq3:bB/umH8RI2mBPX4+E4G

    Score
    9/10
    defense_evasionexecutionimpactransomware

    • Deletes shadow copies

      Ransomware often targets backup files to inhibit system recovery.

      ransomwaredefense_evasionimpactexecution

    • Blocklisted process makes network request

    • Command and Scripting Interpreter: PowerShell

      Run Powershell and hide display window.

      execution
    behavioral1

MITRE ATT&CK Enterprise v15

Tasks