General

  • Target

    3f6e996ee4a40d2d19b648669d9146562627359626239324937a5c75f8030824

  • Size

    425KB

  • Sample

    220305-wjy6naaebj

  • MD5

    8e2ccd9284e09ccc4e9eef325a83b435

  • SHA1

    7710f609e7623a08f0dd7cb8fae1ff38d0c729ef

  • SHA256

    3f6e996ee4a40d2d19b648669d9146562627359626239324937a5c75f8030824

  • SHA512

    9827bdb32c04127ee0ccc41be9c84df40e7d2aa30c68dc9f9e5bfabcd920478884bbec0f3f8ddcbe5fba2eafafa3437b37af161d59fc39daa92202e2f884247f

Malware Config

Targets

    • Target

      3f6e996ee4a40d2d19b648669d9146562627359626239324937a5c75f8030824

    • Size

      425KB

    • MD5

      8e2ccd9284e09ccc4e9eef325a83b435

    • SHA1

      7710f609e7623a08f0dd7cb8fae1ff38d0c729ef

    • SHA256

      3f6e996ee4a40d2d19b648669d9146562627359626239324937a5c75f8030824

    • SHA512

      9827bdb32c04127ee0ccc41be9c84df40e7d2aa30c68dc9f9e5bfabcd920478884bbec0f3f8ddcbe5fba2eafafa3437b37af161d59fc39daa92202e2f884247f

    • Modifies extensions of user files

      Ransomware generally changes the extension on encrypted files.

    • Drops startup file

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Drops desktop.ini file(s)

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v6

Tasks