Resubmissions

10-11-2022 09:01

221110-kyxetsacgl 10

31-10-2022 17:01

221031-vjjkjacdbq 8

General

  • Target

    b102ed1018de0b7faea37ca86f27ba3025c0c70f28417ac3e9ef09d32617f801.exe

  • Size

    32KB

  • Sample

    221031-vjjkjacdbq

  • MD5

    6468ee100d88c71d55dfdcf4e30f991e

  • SHA1

    5c520d2d7dc4c9e5d536d3aff998185657d40ac8

  • SHA256

    b102ed1018de0b7faea37ca86f27ba3025c0c70f28417ac3e9ef09d32617f801

  • SHA512

    41913eb5adaab42c7ebff547421c0faedede5a3356cb2aa8b92ab20320f73766101056853f450435281cf31e7f32603c62fbd88fa3a680b19abda5d8cc9a98ae

  • SSDEEP

    768:QzG3EG0IUJrd6dQar/MjfW33AMar6q3Fu:QKEG4Jx6Ky/Mjo3AMa13U

Malware Config

Targets

    • Target

      b102ed1018de0b7faea37ca86f27ba3025c0c70f28417ac3e9ef09d32617f801.exe

    • Size

      32KB

    • MD5

      6468ee100d88c71d55dfdcf4e30f991e

    • SHA1

      5c520d2d7dc4c9e5d536d3aff998185657d40ac8

    • SHA256

      b102ed1018de0b7faea37ca86f27ba3025c0c70f28417ac3e9ef09d32617f801

    • SHA512

      41913eb5adaab42c7ebff547421c0faedede5a3356cb2aa8b92ab20320f73766101056853f450435281cf31e7f32603c62fbd88fa3a680b19abda5d8cc9a98ae

    • SSDEEP

      768:QzG3EG0IUJrd6dQar/MjfW33AMar6q3Fu:QKEG4Jx6Ky/Mjo3AMa13U

    • Modifies extensions of user files

      Ransomware generally changes the extension on encrypted files.

    • Drops startup file

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v6

Tasks