Resubmissions

27-10-2022 16:11

221027-tm2pvacfh9 10

23-10-2022 23:24

221023-3d7deadchp 8

General

  • Target

    435a917a2ad1adbe35e97247d7c2dc0d50be12b2d1a311d5b2a7b28dd315fc33.bin.sample

  • Size

    225KB

  • Sample

    221023-3d7deadchp

  • MD5

    e86b3398333384aaffd32c1444dde9d0

  • SHA1

    4ed7e2362fb149e5d5c3a261400f1e6e6f04628d

  • SHA256

    435a917a2ad1adbe35e97247d7c2dc0d50be12b2d1a311d5b2a7b28dd315fc33

  • SHA512

    eb9c20f2610d2ff008dd3d7a0596ef5ada56b2c121bf635eb8247a049b829f947b0a514c0052399e47662a526325b3b9e8c916c009f42d5279e90040a28932ec

  • SSDEEP

    3072:dieIAGyEGGmgvevzpxBt0uZ8z43gBVN2qvI6vQF5ovTsno:d5qedM43wVN2g3gno

Malware Config

Targets

    • Target

      435a917a2ad1adbe35e97247d7c2dc0d50be12b2d1a311d5b2a7b28dd315fc33.bin.sample

    • Size

      225KB

    • MD5

      e86b3398333384aaffd32c1444dde9d0

    • SHA1

      4ed7e2362fb149e5d5c3a261400f1e6e6f04628d

    • SHA256

      435a917a2ad1adbe35e97247d7c2dc0d50be12b2d1a311d5b2a7b28dd315fc33

    • SHA512

      eb9c20f2610d2ff008dd3d7a0596ef5ada56b2c121bf635eb8247a049b829f947b0a514c0052399e47662a526325b3b9e8c916c009f42d5279e90040a28932ec

    • SSDEEP

      3072:dieIAGyEGGmgvevzpxBt0uZ8z43gBVN2qvI6vQF5ovTsno:d5qedM43wVN2g3gno

    • Modifies extensions of user files

      Ransomware generally changes the extension on encrypted files.

    • Drops startup file

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Drops desktop.ini file(s)

MITRE ATT&CK Enterprise v6

Tasks