fd08c82277d56982a16196dfa852ebbbfdd67752619274a6ddb4ad4b123f5ba3 | Triage

Submit
Reports

Overview

overview

8

Static

static

1

99compress.py

windows11-21h2-x64

Resubmissions

12-01-2025 20:27

250112-y8qlxsxqgv 10

12-01-2025 20:17

250112-y2sgyaznep 8

12-01-2025 20:07

250112-ywfwysxlft 10

12-01-2025 19:55

250112-yngtaawrdt 10

Sharing

General

Target

99compress.py
Size

2KB
Sample

250112-y2sgyaznep
MD5

87ce3a21c9af0b3c2271e5ebe8f70658
SHA1

f299f35fc0693a9d196f53d0e7b60e94f6cc22ac
SHA256

fd08c82277d56982a16196dfa852ebbbfdd67752619274a6ddb4ad4b123f5ba3
SHA512

be03c98744791881f23db47d4cf9397a2c9cb0712344f1357f7cf1f67b95574b7c270a54c66074d78ffd092d984ec7ad57661e02c16578116339cf1edf08f7f7

Score

8^/10

discovery evasion ransomware

Static task

static1

Behavioral task

behavioral1

Sample

99compress.py

Resource

win11-20241007-en

discovery evasion ransomware

windows11-21h2-x64

22 signatures

150 seconds

Malware Config

Targets

- Target
  
  99compress.py
- Size
  
  2KB
- MD5
  
  87ce3a21c9af0b3c2271e5ebe8f70658
- SHA1
  
  f299f35fc0693a9d196f53d0e7b60e94f6cc22ac
- SHA256
  
  fd08c82277d56982a16196dfa852ebbbfdd67752619274a6ddb4ad4b123f5ba3
- SHA512
  
  be03c98744791881f23db47d4cf9397a2c9cb0712344f1357f7cf1f67b95574b7c270a54c66074d78ffd092d984ec7ad57661e02c16578116339cf1edf08f7f7
Score

8^/10

discovery evasion ransomware
- Disables Task Manager via registry modification
  evasion
- Executes dropped EXE
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Sets desktop wallpaper using registry
  ransomware
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Defacement

Tasks

static1

behavioral1

discoveryevasionransomware

© 2018-2025

Terms | Privacy