Overview

overview

10

Static

static

3

1d871d84ee...26.exe

windows7-x64

10

1d871d84ee...26.exe

windows10-2004-x64

10

9aaeb479b6...02.exe

windows7-x64

10

9aaeb479b6...02.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2.0.rar

  • Size

    477KB

  • Sample

    241120-qwls7sxbqc

  • MD5

    20928a801cf74fa9f9e8ef76d3211109

  • SHA1

    0d1b1815a441763c7732f237ea334e3dfbc20093

  • SHA256

    2181199b28b86022e3f975a3cec5d0f56fc13cb6385627e4a288063ce0b9b433

  • SHA512

    10ee8f796187459f87c6218f457d9c94d73b5f31750d8fdc5278d1ad27ad980fc9ca82162d111deb848ed11e7aa071ac6e9937afdf115d156462aefbe8f50ad8

  • SSDEEP

    12288:wzs7p+jqPhwVO2KcMULjkUIHv7iDFasELvHyC3KTs:0Sp+jqP6ISMULjoW5wygIs

Score
10/10
evasionpersistenceransomware

Malware Config

Targets

    • Target

      1d871d84ee02630558411e47c81ef2aa8bef8f6cd8daaf594f133f545f772c26.exe

    • Size

      824KB

    • MD5

      7d17a868abac9de81fe79087eee31471

    • SHA1

      2d3f58ea051db43964243b8aefb7279e45e7bda9

    • SHA256

      1d871d84ee02630558411e47c81ef2aa8bef8f6cd8daaf594f133f545f772c26

    • SHA512

      85ec6c3cf0908b306712041fc9d971d27349641245c29f126e01443dcc6ccd78530c789b15d345938c194009c890b42f7c95bc65deae1ef7372e5744651f9540

    • SSDEEP

      24576:ntfYkVVmFFFKvvvvvvvvvvvvvvvvms4AkVVmFFFKvvvvvvvvvvvvvvvvms4n:n+vnAvn

    Score
    10/10
    evasionpersistenceransomware

    • Modifies WinLogon for persistence

      persistence

    • Disables Task Manager via registry modification

      evasion

    • Drops desktop.ini file(s)

    • Sets desktop wallpaper using registry

      ransomware
    behavioral1behavioral2

    • Target

      9aaeb479b6bb61b97d6843d8681229ec1873acd0b488d575d71956c8d1ad1b02.exe

    • Size

      500KB

    • MD5

      c8c3a98c2916e96f5b8f07aeeb740066

    • SHA1

      c4920da5ce4f8912186dca18404ce7a9327c8dab

    • SHA256

      9aaeb479b6bb61b97d6843d8681229ec1873acd0b488d575d71956c8d1ad1b02

    • SHA512

      17bbde312e5fdbcc2766c5f0d5895dab72439844b8b2f89e4e3207a1c9396c8254ad0f2ce47ddb4c8081e9aabb9a61aa982babe47adfa0ba3e456c38d338e1e2

    • SSDEEP

      12288:+uRvXH+lNAFAvcE4vIKvQDsORs0hqK4vF:+gfelySvcE4vIKvUTRsRK8F

    Score
    10/10
    evasionpersistenceransomware

    • Modifies WinLogon for persistence

      persistence

    • Disables Task Manager via registry modification

      evasion

    • Drops desktop.ini file(s)

    • Sets desktop wallpaper using registry

      ransomware
    behavioral3behavioral4

MITRE ATT&CK Enterprise v15

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.