chaos | 4cea74d80b0fed024d554aec6391dd7a4cc41abc44584b7b4617785d4842a1b0

Sharing

Copy URL

Twitter E-mail

General

Target

Yashma-Ransomware-main.zip
Size

155KB
Sample

241220-ewxd6ayrhy
MD5

e8403a7184c407130f2a1cd05c32919c
SHA1

0be3aeca29120efadbc37c4e9ce074fd530c06e5
SHA256

4cea74d80b0fed024d554aec6391dd7a4cc41abc44584b7b4617785d4842a1b0
SHA512

0f6b96ecc2318df177b9a4335f718261a48cf577574cb80b217ba2dff300b5a61da75f40264f4f95f4432c0eda8da5e0cdb68c2c22bbf7eaede58af923bd8776
SSDEEP

3072:IfUjZjB+4cQl18ClRkpf8b4yZWox0fbYgJVlSlcDZwngAgBVKu76LIw2/RbLpwLe:IKjBx1exoGbYOFBW+xLpaC7D8YRseByO

Score

10^/10

Malware Config

Targets

- Target
  
  Yashma-Ransomware-main/Yashma Ransomware/CustomWindowsForm/BlackForm.resx
- Size
  
  159KB
- MD5
  
  9da1e86a871d2604eaf2a14b5a1c2e06
- SHA1
  
  75b2424aa630f6fdda88b0e61eade6c0a0ea2bc9
- SHA256
  
  64b50a1e8df898739e73516effa5579d477f8c09b9b85a8042f7c9aff4172ac5
- SHA512
  
  48ab2f2e3a36af5eeee48fadf93f30583e05dc3c1bf79560874d0d971000a7fad26da93d9a0896dbe20b9ad9a5be2a60198ef9ff579f64c7e0454f874b4ab3ef
- SSDEEP
  
  768:KjXdskSv62RIDg33ITTV06eiibdih3kQoQ4Ysmgq/QdM91Cl:Kj2v68334Vi4suqky
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  Yashma-Ransomware-main/Yashma Ransomware/CustomWindowsForm/ButtonX.cs
- Size
  
  4KB
- MD5
  
  113d60ab3b85d95d43aa362e6cf04dd0
- SHA1
  
  ef5bb5f6631ce6bed6559e0492d33bf37e82af5a
- SHA256
  
  ded19faffa05303659e85237f07e1e1a4f249b24187f67bf0aa83b33d5bd1055
- SHA512
  
  0ab90ae36bd75d1123064beb6942a7076c1ec1a82a5e5b0fb8860680c4b1b4b4957d24ab3103a6cb88c47ad63f55dfb39f35aa6d98d8b7123a72ea354f7c6d9f
- SSDEEP
  
  96:Joz00NJfMpJns8JF9JvkJGlxWJ1jDJc5/MLFL9btYt95aMHP9Fo3xa9:4ZNJfSJns8JF9JvkJGl0J1jDJc+htYtF
Score

1^/10
behavioral3 behavioral4
- Target
  
  Yashma-Ransomware-main/Yashma Ransomware/CustomWindowsForm/ButtonZ.cs
- Size
  
  4KB
- MD5
  
  102328cc52d3da25173b96e98f2b514d
- SHA1
  
  26edec967de2d62d30e426fd6fe71024019ed439
- SHA256
  
  d90d5a11a6642c4c8ecde624ae247f5d2aa4d77dd08256b4a58c42e7ae694c03
- SHA512
  
  1fc959c0f2780664f0f02a18e25edba053a3302f21622989a01474e6faa83ac7cc45d70ee31c80192ee38683af0b04e38863936714bcb4fe9bac03c3bfb3a9ca
- SSDEEP
  
  96:Joz003RPJfvVJn+khJFpHJvFQrnJ12Y8JcW4/MHUVHMHP9Frz6h:4Z3RPJfvVJnfJFlJvSnJ1v8JcWSVHEf4
Score

1^/10
behavioral5 behavioral6
- Target
  
  Yashma-Ransomware-main/Yashma Ransomware/CustomWindowsForm/Form2.resx
- Size
  
  159KB
- MD5
  
  7c42e106227160f0240e8e0e2b1f2f97
- SHA1
  
  4c3ec7bce25c0e081d8be0c2d9173e07d9429529
- SHA256
  
  06239b2aca59ed522182bc1f924c6199c727bf65e13b9433ce279e17cb4ffa82
- SHA512
  
  8344cf5852ab352089333a08344eba28675c229165244a3d756802bc394e2e70827d6a8984aec1005c285b96e158f3a75e9d77e1217861eaf3cc20680a05de96
- SSDEEP
  
  768:KjXdskSv6v2SDg33ITTV06eiibdih3kQoQ4Ysmgq/QdM91Cl:Kj2v60334Vi4suqky
Score

1^/10
behavioral7 behavioral8
- Target
  
  Yashma-Ransomware-main/Yashma Ransomware/CustomWindowsForm/MinMaxButton.cs
- Size
  
  5KB
- MD5
  
  827fb713b6e8b9a8b14691f492311647
- SHA1
  
  bf7c107e8de56b252bd7923459d5cdb8f04cbdf1
- SHA256
  
  a8cb9881a57574ab6f881e3d174f898fe6a5a35585502d45edbdef593b2a2ce2
- SHA512
  
  e2349d55643b7dc6f2302c54b3b81906b3c158594ec10324005fc894093bd8ea98e73390418a7b62f450a9e062a9f52ca93d0807e9a6ca6c5270561f6b85be61
- SSDEEP
  
  96:Joz00xMQQr+JaueJfb6SJnn9JFIJvYJ1CwDJcx4tVX6Or+mcyN9:4ZxMh6JaueJfb6SJnn9JFIJvYJ1CwDJX
Score

1^/10
behavioral10 behavioral9
- Target
  
  Yashma-Ransomware-main/Yashma Ransomware/CustomWindowsForm/ShapedButton.cs
- Size
  
  13KB
- MD5
  
  a37767b5c2e7ab221714052e40d1d392
- SHA1
  
  940daa005a3f51d590dc34017742890424936e4b
- SHA256
  
  ffe6088844b27a680110603d478bbb6ab00a61acfdc904fb9b891770ad58f317
- SHA512
  
  bb2902d1b5666199194e1a08c6393a80872fdf308172d764548993f2d60f00af57d0df6d7d79b914b87b647f70b51575f7b69555260775c92f3e8509ddeb84ae
- SSDEEP
  
  192:4iTAsJJ+zJfCJk3Jh61OJMCJXH6JefSJdCJEFChJPcJuOD9JTfnJ79nJ1fKwJcJs:4iTLgY4LRx6Z2xCb9N3hUjmBXCC9/
Score

1^/10
behavioral11 behavioral12
- Target
  
  Yashma-Ransomware-main/Yashma Ransomware/CustomWindowsForm/advancedSettingForm.cs
- Size
  
  13KB
- MD5
  
  36070ded70f655344f5f8ccbeee356bb
- SHA1
  
  48b4d9f05b8a114d30b3388a4832a6e62029de91
- SHA256
  
  d6d0fb90dc0bd7987a041dc1e78a4563c9480c9afb0e4122bab6f2e605a378ff
- SHA512
  
  0d83d70153a5ada90924367dbdb695f9856a9443b78cdbf5cc0d644398ae6f89f592f0a1ff9d9b898e3fd45c395a733117cd41a947dd243bb0b12dc9ea5c9f87
- SSDEEP
  
  192:9fr48b0S9BTOpUt8iRAWO0+WXDdAH91zF9iGAs8iRmjgBGI6BTv5XSwZ+jc35Xrm:9frLcwI/
Score

3^/10

execution
behavioral13 behavioral14
- Target
  
  Yashma-Ransomware-main/Yashma Ransomware/CustomWindowsForm/advancedSettingForm.resx
- Size
  
  159KB
- MD5
  
  fbc9a9eb3d37e2ce74ffcdb905f400e2
- SHA1
  
  bee5097057a42015273c83b829178142c3490ef6
- SHA256
  
  5de713112250e9505bd1a7b29fb0cdbac9270d82ab2f8655cd7f37bd8b6edd79
- SHA512
  
  7874ef8f2299889aa61b23b6f73165dc956036da01cf624c9534bc5998ab3e2dec9256ce20d6ffd16d8908fd03b4e79283c94bd4b27b71409b83ae9b1b70c460
- SSDEEP
  
  768:KjXdskSv6MDg33ITTV06eiibdih3kQoQ4Ysmgq/QdM91Cl:Kj2v6R334Vi4suqky
Score

1^/10
behavioral15 behavioral16
- Target
  
  Yashma-Ransomware-main/Yashma Ransomware/CustomWindowsForm/extensions.resx
- Size
  
  160KB
- MD5
  
  73ef1a21b1f440316d7dffb56b6cf8fb
- SHA1
  
  f32c5500740ed650470dd5a33954d0aa871c8d81
- SHA256
  
  6003d6663794a29753840d7ba96ab195bbd633de98f8495afee72541803e0535
- SHA512
  
  8bac574621a1a88e97e66b1a21bd20b0d04f424446923975b3288d901c6e7e891aecf930384d37363bbacaf2eccf6976e88054793ec23e7a24d200a87c5f1a00
- SSDEEP
  
  768:KjXdskSv6sQSDg33ITTV06eiibdih3kQoQ4Ysmgq/QdM91Cl:Kj2v6R334Vi4suqky
Score

1^/10
behavioral17 behavioral18
- Target
  
  Yashma-Ransomware-main/Yashma Ransomware/Properties/Resources.Designer.cs
- Size
  
  3KB
- MD5
  
  de055733548076ae6634a3ab942a8112
- SHA1
  
  5871cd5aeb4ab4cbf436ae5ce7ff8b747a5c2c77
- SHA256
  
  1641093764c772f107a8f6ab090698166fef310791f254d99bfd83d8ee2b47fc
- SHA512
  
  2e61100bdcaaf1207813cddbe97d6e40f042ee68f97716629f7e0ba7eb2ad9c67dc38019f34d0bb7586df57c85afee1771d97173ea386eba9a236b79a6427267
Score

1^/10
behavioral19 behavioral20
- Target
  
  Yashma-Ransomware-main/Yashma Ransomware/Properties/Resources.resx
- Size
  
  6KB
- MD5
  
  42296f2f9d252955e18d3c0daaf320e4
- SHA1
  
  0cf23bf370db5529d22f2d1ca1de68c67a89e16e
- SHA256
  
  622bbca82fd0a4ddef1a350dfae1173debc171bf99eeb344647e96e6d841b293
- SHA512
  
  11433598d10d974b9b4edff26b73d38770d9e80aa4cb5257c0125f9c0db899e301038df2a42f6a8861857244308c6098494b3212e5fd8a1e3aafbda54d515066
- SSDEEP
  
  96:fijrkiK5k5LPXbac9m5Lv6FzSvd4gIRjETUT2+0qSdvabvDBwbjBu3FqvuF88akw:KjrbLPD9sLvIzSvKgIqUyahF8o2+2l
Score

1^/10
behavioral21 behavioral22
- Target
  
  Yashma-Ransomware-main/Yashma Ransomware/Properties/Settings.Designer.cs
- Size
  
  8KB
- MD5
  
  531c7f6d35e684d489b71876ef9eac41
- SHA1
  
  0e968797f61012100520bd0e487b62d1246a0cc3
- SHA256
  
  38503283496b305e616433a5868c7e3ab9a24bb168b67b4a7f1e45ab45c31a90
- SHA512
  
  db9dc6e94b7946b4bd7ac81feee270ceda7a10193d31d8b9aacdd26c4089d2bd14aa77014597367ed02ecfa19b82e8ddac58176d0df82cfd6be8924ff2c3a80e
- SSDEEP
  
  192:q5LQCGC6smns2SmnCSmnD2SmnoSmncSmnQSmnySmn7Smn6gHTOLaOSmn9cSmnAOy:q5E3Bsmn2mnbmnbmnVmn5mn9mnLmnmmm
Score

1^/10
behavioral23 behavioral24
- Target
  
  Yashma-Ransomware-main/Yashma Ransomware/Resources/Source
- Size
  
  36KB
- MD5
  
  60c17c03b1dc96a71d35cddce6458ead
- SHA1
  
  73f89cedde75283d9e48396fe5c8c63e14b87a53
- SHA256
  
  ec6b3fd966fa738a61fad76790e843d24d1913f33f37fce1ec6621b409dadd38
- SHA512
  
  d83fef8d0baa7be60dcd7d0be8352d0cedc68c779edb7c2052a5374908847430d2b9d1b5ebe0895ef4588f2e04ad06de1287b7dca47da61682994194d1fb4f38
- SSDEEP
  
  384:iNsowc0HzlanZdekVJULCpUV/fPqQp7tiMVtbOPIUfniFzLdRbvgrNPUWP6U:i70HxaS3XV/vtdVG/fMnK
Score

3^/10

execution
behavioral25 behavioral26
- Target
  
  Yashma-Ransomware-main/Yashma Ransomware/Resources/decrypter
- Size
  
  209KB
- MD5
  
  f30ce6004e05994ffd89124c5f0290df
- SHA1
  
  f797b573c65b1a0fe896fc529cb764da41617026
- SHA256
  
  00a48c79f453fa1b13c3f37feae3711c7ec35fd82b7bde2432d8c56ccdaf544d
- SHA512
  
  6eac7bc507b0a7398b9335a67cc1928b4161b11b3a96b9b025225671158945e5ec7df9fd56fd72b46864bd3267b7713a3e7ab12c83621d94c5cb81c7ffb46577
- SSDEEP
  
  768:8t4pOzzBogXuNuwHfMCwRhOF15utoSJYcyKkCep:8tvNogXuD//wCFLSXkC
Score

1^/10
behavioral27 behavioral28

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

JavaScript

T1059.007

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28