General
-
Target
cce31319d8b9ee387c1d009683e5fdfd951cb7d43064fde11b62cca29429a604.exe.bin
-
Size
585KB
-
Sample
241105-mntbjaskcl
-
MD5
2f08b210a2574a5a1d14fda3ec2fa377
-
SHA1
281e8ce64215e0a7a14e8cc6b9e197838eeb397d
-
SHA256
cce31319d8b9ee387c1d009683e5fdfd951cb7d43064fde11b62cca29429a604
-
SHA512
8d3a9a55ce131e42492ad4040b151d5df280fc6d11a66c4fa36dcfde35613211e43cb320e5b076469e9d5411f959e694ab6af661122adfff0f14976544d12394
-
SSDEEP
12288:G2Ec0y33mLPJHqR+gq6UlLs6lt3Gje5qeR83ZAukpzchqiE4:gJHsw6UlA6TU1e83qj4hZ
Static task
static1
Behavioral task
behavioral1
Sample
cce31319d8b9ee387c1d009683e5fdfd951cb7d43064fde11b62cca29429a604.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
cce31319d8b9ee387c1d009683e5fdfd951cb7d43064fde11b62cca29429a604.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
cce31319d8b9ee387c1d009683e5fdfd951cb7d43064fde11b62cca29429a604.exe.bin
-
Deletes shadow copies
Ransomware often targets backup files to inhibit system recovery.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Credentials from Password Stores: Windows Credential Manager
Suspicious access to Credentials History.
-
MITRE ATT&CK Enterprise v15
Credential Access
Credentials from Password Stores (2)
Credentials from Web Browsers (1)
Windows Credential Manager (1)
Unsecured Credentials (1)
Credentials In Files (1)