Resubmissions

  • 19-10-2022 03:48    221019-ec8yvaeef6    10

  • 19-10-2022 02:40    221019-c5ymgafael    10

General

  • Target

    e7f633e9cdf859c70e43c16d598bb6499a1f7d89e6fbef0f45caabd50b9fe9bc

  • Size

    12KB

  • Sample

    221019-ec8yvaeef6

  • MD5

    6d05743e48bd5ac08a9cf62b06fce6ee

  • SHA1

    c56b8326df96bedcc928c5595d8dd92ba2a08c41

  • SHA256

    e7f633e9cdf859c70e43c16d598bb6499a1f7d89e6fbef0f45caabd50b9fe9bc

  • SHA512

    7481a9aef47bf9cda1e86e0afdf4a189d7ed13a49128d31ea972da268a7dcb640c85dad9e7d169a883b93a0bdffb994aa31e23e2cdaf1e964e85d47243bcf216

  • SSDEEP

    192:e/TrG62a6B10k3g4fXk1iTV3HGc7EkpAqEjvu2q9C/YpXnAITZfPtRMCIqGqUI:eebFNw4Pk1itKkpAjjI2YpdmCIEUI

Malware Config

Targets


    • Drops file in Drivers directory

    • Modifies extensions of user files

      Ransomware generally changes the extension on encrypted files.

    • Drops startup file

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks