19c7357637bab25785205359b35b87543cc976498deacd7ac0c2e7fec58307c3 | Triage

Submit
Reports

Overview

overview

Static

static

1

1.0

windows10-ltsc 2021-x64

Resubmissions

04-12-2024 02:13

241204-cnr4cs1rfp 3

03-12-2024 07:31

241203-jcrrsavraz 1

03-12-2024 07:26

241203-h9ps1svqas 10

03-12-2024 07:18

241203-h4xxfa1kdn 8

Sharing

General

Target

1.0.0
Size

176KB
Sample

241203-h9ps1svqas
MD5

0b8524e411ba80cd84ae3d0fc8fec89c
SHA1

88da4f6a5af44bd51006e36381aeb60fc88d148e
SHA256

19c7357637bab25785205359b35b87543cc976498deacd7ac0c2e7fec58307c3
SHA512

65321c9d854f741a040bff3b335dd846c06439b28c6cddd6eccf1a09a4e76ffc54bb935680490741f44c56a49d12775adaef0270499a3c744c00fffe6c37fcf7
SSDEEP

3072:foWGzmseSVatcG72AQgXD6OOGetUzzWMnUjFokAYgj1GLBKCZIskgj1GLBKNW4pq:USsw4pOL/saqkPV9FemLtcsDSsmw49j8

Score

10^/10

discovery evasion ransomware trojan upx

Static task

static1

Behavioral task

behavioral1

Sample

1.0

Resource

win10ltsc2021-20241023-en

discovery evasion ransomware trojan upx

windows10-ltsc 2021-x64

26 signatures

150 seconds

Malware Config

Targets

- Target
  
  1.0.0
- Size
  
  176KB
- MD5
  
  0b8524e411ba80cd84ae3d0fc8fec89c
- SHA1
  
  88da4f6a5af44bd51006e36381aeb60fc88d148e
- SHA256
  
  19c7357637bab25785205359b35b87543cc976498deacd7ac0c2e7fec58307c3
- SHA512
  
  65321c9d854f741a040bff3b335dd846c06439b28c6cddd6eccf1a09a4e76ffc54bb935680490741f44c56a49d12775adaef0270499a3c744c00fffe6c37fcf7
- SSDEEP
  
  3072:foWGzmseSVatcG72AQgXD6OOGetUzzWMnUjFokAYgj1GLBKCZIskgj1GLBKNW4pq:USsw4pOL/saqkPV9FemLtcsDSsmw49j8
Score

10^/10

discovery evasion ransomware trojan upx
- UAC bypass
  evasion trojan
- Disables Task Manager via registry modification
  evasion
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Sets desktop wallpaper using registry
  ransomware
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Abuse Elevation Control Mechanism

Bypass User Account Control

Defense Evasion

Abuse Elevation Control Mechanism

Bypass User Account Control

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Defacement

Tasks

static1

behavioral1

discoveryevasionransomwaretrojanupx

© 2018-2024

Terms | Privacy