General

  • Target

    ee44d835b7a5eaf2fb534460848a0f419f9545674f85fb0152b158b41a1045bb.exe

  • Size

    12KB

  • Sample

    221012-lzhhqsdbh9

  • MD5

    6c42c7957278c7ac09b111490fc93cc1

  • SHA1

    29f9b35533f1a6dbf47ed5dfb4144c33d33ce91b

  • SHA256

    ee44d835b7a5eaf2fb534460848a0f419f9545674f85fb0152b158b41a1045bb

  • SHA512

    770866733f92d2ac60e15243e346840e3d6b54e389d80ed345af6a994bfd4b0e840a17397a74e7df44c4c95032756346e17457089fe80e18e7ab924ab7718833

  • SSDEEP

    192:+/TrG62a6B10k3g4fXk1iTV3HGc7EkpAqEjvu2q9C/YpXnAITZfPtRMcH0s:+ebFNw4Pk1itKkpAjjI2YpdmcH9

Targets

    • Modifies extensions of user files

      Ransomware generally changes the extension on encrypted files.

    • Drops startup file

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, among other things.

    • Adds Run key to start application
