956e55192982e6ef3f36c0d9b8ad593c19ae72afaf9b79ce18404c56f675309c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

956e55192982e6ef3f36c0d9b8ad593c19ae72afaf9b79ce18404c56f675309c
Size

132KB
Sample

241005-vhhxlssbne
MD5

b13d3b48315d2a992590bb738268fe30
SHA1

42335664dfcd139c087e7c18ec8c6a852cfc2230
SHA256

956e55192982e6ef3f36c0d9b8ad593c19ae72afaf9b79ce18404c56f675309c
SHA512

b1b1bf4a9b8fb488eb347af04d4f94778abd3cf73cdbab564f85fd625665ad8d00e202bfb28d21c26dd91ab74837d7cef1fd9871a2d085d54a63c8cde83ecbed
SSDEEP

768:rqq2eBcwbWQBk3MApF4wJcVVkKp7nJ1Wbeiq3su3ziB9xy97WlyXd7/oRJRpBLii:jcwbWR3YwJcfJ1mefp59ClA/onRPnvmy

Score

9^/10

defense_evasion discovery evasion persistence ransomware

Malware Config

Targets

- Target
  
  956e55192982e6ef3f36c0d9b8ad593c19ae72afaf9b79ce18404c56f675309c
- Size
  
  132KB
- MD5
  
  b13d3b48315d2a992590bb738268fe30
- SHA1
  
  42335664dfcd139c087e7c18ec8c6a852cfc2230
- SHA256
  
  956e55192982e6ef3f36c0d9b8ad593c19ae72afaf9b79ce18404c56f675309c
- SHA512
  
  b1b1bf4a9b8fb488eb347af04d4f94778abd3cf73cdbab564f85fd625665ad8d00e202bfb28d21c26dd91ab74837d7cef1fd9871a2d085d54a63c8cde83ecbed
- SSDEEP
  
  768:rqq2eBcwbWQBk3MApF4wJcVVkKp7nJ1Wbeiq3su3ziB9xy97WlyXd7/oRJRpBLii:jcwbWR3YwJcfJ1mefp59ClA/onRPnvmy
Score

9^/10

defense_evasion discovery evasion persistence ransomware
- Clears Windows event logs
  evasion ransomware
- Power Settings
  powercfg controls all configurable power system settings on a Windows system and can be abused to prevent an infected host from locking or shutting down.
  persistence
- Hide Artifacts: Hidden Files and Directories
  defense_evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Power Settings

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Indicator Removal

Clear Windows Event Logs

Credential Access

Discovery

System Location Discovery

System Language Discovery

System Time Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscoveryevasionpersistenceransomware

behavioral2

defense_evasiondiscoveryevasionpersistenceransomware