General
-
Target
Ransomware.exe
-
Size
26KB
-
Sample
241105-yhdvfaxbrh
-
MD5
d7b03590f49d593a19260401b8a628fb
-
SHA1
ab9da018c2ea4cfd193bd008afa5316c3ad99082
-
SHA256
4ff3ec9f6c8a6b469936c771ffd5210880b39afcf3826f1e2f50f16ff5117d45
-
SHA512
fa552f5e7386eca10e60a77bb280716268c105fe784e2852207cad4422504516ce933f6b162d1fd32e67c611ecc20e5c3e64fd53b582f65e2a3def2180cb852c
-
SSDEEP
384:fZoo2ejecFr5SHGHIk1YzoWpxcOET+anKGSKrcbfoVQ6kYcV6O7UiJFnh:fzqaMHGMk19KGSKLkYcV6O4izh
Static task
static1
Behavioral task
behavioral1
Sample
Ransomware.exe
Resource
win7-20241023-en
Behavioral task
behavioral2
Sample
Ransomware.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
Ransomware.exe
-
Size
26KB
-
MD5
d7b03590f49d593a19260401b8a628fb
-
SHA1
ab9da018c2ea4cfd193bd008afa5316c3ad99082
-
SHA256
4ff3ec9f6c8a6b469936c771ffd5210880b39afcf3826f1e2f50f16ff5117d45
-
SHA512
fa552f5e7386eca10e60a77bb280716268c105fe784e2852207cad4422504516ce933f6b162d1fd32e67c611ecc20e5c3e64fd53b582f65e2a3def2180cb852c
-
SSDEEP
384:fZoo2ejecFr5SHGHIk1YzoWpxcOET+anKGSKrcbfoVQ6kYcV6O7UiJFnh:fzqaMHGMk19KGSKLkYcV6O4izh
Score10/10-
Modifies WinLogon for persistence
-
Disables RegEdit via registry modification
-
Disables Task Manager via registry modification
-
Sets desktop wallpaper using registry
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Boot or Logon Autostart Execution
1Winlogon Helper DLL
1Defense Evasion
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Impair Defenses
1Disable or Modify Tools
1Modify Registry
4