General
-
Target
2024-06-30_f1ef6453b193cbb69a0049cbbbcd4455_bkransomware
-
Size
528KB
-
Sample
240630-yzrsmatgqf
-
MD5
f1ef6453b193cbb69a0049cbbbcd4455
-
SHA1
073ff3578e07754e16895603570fc76b986c4765
-
SHA256
c78c123e54741b61aa6d4628f04b5c583dba63c72b6c35223c5de8eeac69f96d
-
SHA512
3f55d39ee16907554d855d7ffd1b280c862454eefb95c56ea0cd25bf7cb02c0a308be471d3df4a6726ed26a1367ec21f35ccdab278b4be64a039b82a797cac6d
-
SSDEEP
6144:DoyZmTAsfJFakxaLjcMkc0Cax1PHGp6bYA0w601+dNT9/0626ASkVOAFhyFnUmr2:DoyIJsMPrPmp6bYboEdNDJAqOp
Static task
static1
Behavioral task
behavioral1
Sample
2024-06-30_f1ef6453b193cbb69a0049cbbbcd4455_bkransomware.exe
Resource
win7-20240221-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
-
-
Target
2024-06-30_f1ef6453b193cbb69a0049cbbbcd4455_bkransomware
-
Modifies firewall policy service
-
MITRE ATT&CK Matrix (ATT&CK v13)
Privilege Escalation
Create or Modify System Process: 1
Windows Service: 1
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1