2b6d4cefa77ae47c33bbad9dba1dbce9f83a83ed31a0fc5039d24b2c649a7dca | Triage

Submit
Reports

Overview

overview

Static

static

3

MovieDuels.x86.exe

windows11-21h2-x64

Resubmissions

30/03/2025, 21:06

250330-zx7lqsxsaz 10

30/03/2025, 21:02

250330-zvd7eayrv4 8

30/03/2025, 20:49

250330-zmf12awyh1 10

Sharing

General

Target

MovieDuels.x86.exe
Size

830KB
Sample

250330-zmf12awyh1
MD5

e0f676512de7503cf559cb1e5212e7e7
SHA1

6a19ca3de64e3d3e16d160d9b3f10a9019302660
SHA256

2b6d4cefa77ae47c33bbad9dba1dbce9f83a83ed31a0fc5039d24b2c649a7dca
SHA512

b31185e3a5af2421382d56b82c7329c092a5287005be3667638acb7c2ccaabe5a89c10695ccac97406e72bc1d52ac6865e9b0a84437875d8abe35f65d5fb60fa
SSDEEP

24576:hHKxoUWVvBO9Pw0JivckQxgiKZj3z4wBpdwV9RNdJB5nS3T4+LX:hqxnivmAj3z4wBpiSTRz

Score

10^/10

defense_evasion discovery persistence ransomware trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

MovieDuels.x86.exe

Resource

win11-20250313-en

defense_evasion discovery persistence ransomware trojan

windows11-21h2-x64

32 signatures

900 seconds

Malware Config

Targets

- Target
  
  MovieDuels.x86.exe
- Size
  
  830KB
- MD5
  
  e0f676512de7503cf559cb1e5212e7e7
- SHA1
  
  6a19ca3de64e3d3e16d160d9b3f10a9019302660
- SHA256
  
  2b6d4cefa77ae47c33bbad9dba1dbce9f83a83ed31a0fc5039d24b2c649a7dca
- SHA512
  
  b31185e3a5af2421382d56b82c7329c092a5287005be3667638acb7c2ccaabe5a89c10695ccac97406e72bc1d52ac6865e9b0a84437875d8abe35f65d5fb60fa
- SSDEEP
  
  24576:hHKxoUWVvBO9Pw0JivckQxgiKZj3z4wBpdwV9RNdJB5nS3T4+LX:hqxnivmAj3z4wBpiSTRz
Score

10^/10

defense_evasion discovery persistence ransomware trojan
- Modifies WinLogon for persistence
  persistence
- UAC bypass
  defense_evasion trojan
- Disables RegEdit via registry modification
  defense_evasion
- Sets file to hidden
  Modifies file attributes to stop it showing in Explorer etc.
  defense_evasion
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Sets desktop wallpaper using registry
  ransomware
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Abuse Elevation Control Mechanism

Bypass User Account Control

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Abuse Elevation Control Mechanism

Bypass User Account Control

Hide Artifacts

Hidden Files and Directories

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Defacement

Tasks

static1

behavioral1

defense_evasiondiscoverypersistenceransomwaretrojan

© 2018-2025

Terms | Privacy