General

  • Target: 2860cb274cee1eae6eae5c9450d8e4bcbe587aae55254de6fc07d18f43435942

  • Size: 1.3MB

  • Sample: 221029-c2sxtahaa5

  • MD5: cdb552de0953aeb2f00ec19779d8fca9

  • SHA1: 77783a28c1b3a64b63e8a77eb38837569aba344d

  • SHA256: 2860cb274cee1eae6eae5c9450d8e4bcbe587aae55254de6fc07d18f43435942

  • SHA512: dec3617639354f149059e012c79324e7a04f761d3a62395a4451ebaec23e5960856f6fe8e6b044fb626fe6498691f666ff762a2b83ab140a12894f8526026440

  • SSDEEP: 24576:2kWAAuqpHpg3zjkH8KlOFnW8P6hr/PVF4z2UxvxVJZ0jEiuqtzNG64/0vJQag:2JJg33+1Qu/4KqvxbKtzV4sjg

Targets

    • Detected Xorist Ransomware

    • Xorist Ransomware: Xorist is a ransomware family first seen in 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
