11b1f38bd5223b65d4e000735e2e6c5ed3c2b4bb09803803b03881e9681442ea | Triage

Resubmissions

21-11-2024 19:45

241121-ygnm9awjdy 8

21-11-2024 19:33

241121-x9rd6svrbz 3

21-11-2024 19:33

241121-x9hr2avrbx 1

21-11-2024 19:29

241121-x7eycsvqgw 10

Sharing

General

Target

sample
Size

19KB
Sample

241121-x7eycsvqgw
MD5

bf650a58ca906f12ccab9aa1a26b9f72
SHA1

3888b53a42a2a34552e0eb0dba603a4904997f6f
SHA256

11b1f38bd5223b65d4e000735e2e6c5ed3c2b4bb09803803b03881e9681442ea
SHA512

9e4b2c36b76ec8f9ac74cf8a6c539a9d46b94eedd34feec85da724333b6563b6d5ac0c96edd41d361cd446e52520eb8e99ec3c85f37ab8210913fc6eb17ab25d
SSDEEP

384:rI7PnT1ocy4MR4lbGaBvOUvhpNGoN60FB3WHOMlObz6r0sZIL2f541xCejiw:rk1ocy4/EaAUJpN/Nrbz6r0sZILU5ixN

Score

10^/10

discovery evasion persistence ransomware trojan

Malware Config

Targets

- Target
  
  sample
- Size
  
  19KB
- MD5
  
  bf650a58ca906f12ccab9aa1a26b9f72
- SHA1
  
  3888b53a42a2a34552e0eb0dba603a4904997f6f
- SHA256
  
  11b1f38bd5223b65d4e000735e2e6c5ed3c2b4bb09803803b03881e9681442ea
- SHA512
  
  9e4b2c36b76ec8f9ac74cf8a6c539a9d46b94eedd34feec85da724333b6563b6d5ac0c96edd41d361cd446e52520eb8e99ec3c85f37ab8210913fc6eb17ab25d
- SSDEEP
  
  384:rI7PnT1ocy4MR4lbGaBvOUvhpNGoN60FB3WHOMlObz6r0sZIL2f541xCejiw:rk1ocy4/EaAUJpN/Nrbz6r0sZILU5ixN
Score

10^/10

discovery evasion persistence ransomware trojan
- Modifies WinLogon for persistence
  persistence
- UAC bypass
  evasion trojan
- Disables RegEdit via registry modification
  evasion
- Drops desktop.ini file(s)
- Sets desktop wallpaper using registry
  ransomware
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Abuse Elevation Control Mechanism

Bypass User Account Control

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Abuse Elevation Control Mechanism

Bypass User Account Control

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Defacement

Tasks

static1

behavioral1

discoveryevasionpersistenceransomwaretrojan