General

  • Target

    8ac39135776d78924a1b9a6cfde3da6b7622f7ed8cb68c0e230e271f3630dc86.exe

  • Size

    12KB

  • Sample

    221014-g52rcabehj

  • MD5

    dea8b0b5540ed3b380e00a57d140304e

  • SHA1

    3f00a6ae4c1de5218a7d186485a7b9318d6464f1

  • SHA256

    8ac39135776d78924a1b9a6cfde3da6b7622f7ed8cb68c0e230e271f3630dc86

  • SHA512

    518d2c5bbe7ba6245088c725e98e656868c4fd1feb0cca53df0483475223cc82484eb4831d917bb71e83f0f0957ac8b7b1bfd19fa64be1cb4bd2d6c2965ffb07

  • SSDEEP

    192:+/TrG62a6B10k3g4fXk1iTV3HGc7EkpAqEjvu2q9C/YpXnAITZfPtRMB2U0:+ebFNw4Pk1itKkpAjjI2YpdmB2Z

Malware Config

Targets

    • Target

      8ac39135776d78924a1b9a6cfde3da6b7622f7ed8cb68c0e230e271f3630dc86.exe

    • Drops file in Drivers directory

    • Modifies extensions of user files

      Ransomware generally changes the extension on encrypted files.

    • Drops startup file

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Adds Run key to start application

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks