General
-
Target
adca6d7c012cdc686c3a10659ea0760f5ff904053c80671269795aaf2b8f6a52.exe
-
Size
22KB
-
Sample
241111-fxxa8atdkl
-
MD5
759c4fdfbdedb36d42973cd355ae1dad
-
SHA1
c94830d8330012aec8c8cb2276d936fd94fd9eb9
-
SHA256
adca6d7c012cdc686c3a10659ea0760f5ff904053c80671269795aaf2b8f6a52
-
SHA512
99a3d10b6e720f3dc3c1fb6e6103786fc291e1ba57b2dd54081ed6903cf2fa1a9c73294eb5a88b0f7cd5631061a997b2ee5d1337baec74522485521125d5c854
-
SSDEEP
384:/QkZbV8i+fIZFQyZpz0q7bYKkxRjK36ct14yvXbB75z62A1aNJawcudoD7UgKDgu:YGcAPQIpz0Mb18Kdt14yvLhlConbcuyg
Behavioral task
behavioral1
Sample
adca6d7c012cdc686c3a10659ea0760f5ff904053c80671269795aaf2b8f6a52.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
adca6d7c012cdc686c3a10659ea0760f5ff904053c80671269795aaf2b8f6a52.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
adca6d7c012cdc686c3a10659ea0760f5ff904053c80671269795aaf2b8f6a52.exe
-
Deletes shadow copies
Ransomware often targets backup files to inhibit system recovery.
-
Disables RegEdit via registry modification
-
Modifies Windows Firewall
-
Possible privilege escalation attempt
-
Modifies file permissions
-
File and Directory Permissions Modification: Windows File and Directory Permissions Modification
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process: 1
Windows Service: 1
Event Triggered Execution: 1
Netsh Helper DLL: 1
Privilege Escalation
Create or Modify System Process: 1
Windows Service: 1
Event Triggered Execution: 1
Netsh Helper DLL: 1