General

  • Target

    bf5f4d7b6ef1fdb903677e4ede04fb49952e08cee79822b9b53642bb5d1e6f02

  • Size

    4.6MB

  • Sample

    221207-m5h7wsdg2x

  • MD5

    cfd31737ccacf6e9a0e2ac18cf3445ac

  • SHA1

    74c615ca54aaff3c5e6734efef04259290c357ba

  • SHA256

    bf5f4d7b6ef1fdb903677e4ede04fb49952e08cee79822b9b53642bb5d1e6f02

  • SHA512

    a2d1cae0864e66f92c10932df8dd5782ad47579404a6f9112d0e0f7287427fe56dc70aadf77baf8d9e5665cbc5eb26ee58ad9f401b0164cbf054a581c8bda98f

  • SSDEEP

    98304:OOTXCHbq9evuviwF+Mc42HfPt5Sqg9pkJ9:3LCHbqwvuvi40HN5Tgi9

Malware Config

Targets

    • Target

      bf5f4d7b6ef1fdb903677e4ede04fb49952e08cee79822b9b53642bb5d1e6f02

    • Size

      4.6MB

    • MD5

      cfd31737ccacf6e9a0e2ac18cf3445ac

    • SHA1

      74c615ca54aaff3c5e6734efef04259290c357ba

    • SHA256

      bf5f4d7b6ef1fdb903677e4ede04fb49952e08cee79822b9b53642bb5d1e6f02

    • SHA512

      a2d1cae0864e66f92c10932df8dd5782ad47579404a6f9112d0e0f7287427fe56dc70aadf77baf8d9e5665cbc5eb26ee58ad9f401b0164cbf054a581c8bda98f

    • SSDEEP

      98304:OOTXCHbq9evuviwF+Mc42HfPt5Sqg9pkJ9:3LCHbqwvuvi40HN5Tgi9

    • Deletes shadow copies

      Ransomware often targets backup files to inhibit system recovery.

    • Modifies extensions of user files

      Ransomware generally changes the extension on encrypted files.

    • Drops startup file

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

MITRE ATT&CK Enterprise v6

Tasks