General

  • Target

    1cc3b2946bb008c7f0b18225696b2e492b627725a3f4ead9ffb6e49346ca1325

  • Size

    50KB

  • Sample

    221209-fsq9eacd47

  • MD5

    32bd793c65117c065f48115340d6d899

  • SHA1

    be86049db96ed942e32f394c5ca55b1ce16fec77

  • SHA256

    1cc3b2946bb008c7f0b18225696b2e492b627725a3f4ead9ffb6e49346ca1325

  • SHA512

    3a5fe1cdc94e054b8c81b0d0fa0eef22abdcd812dfdeb00c19ac8ab7e590693d78ddeb976e32b791494d30d239f4fc319b3bd5b3ac93ef59c371d6fe03dd6dc9

  • SSDEEP

    768:kivuye1kVtGBk6P/v7nWlHznbkVwrEKD9yDwxVSHrowNI2tG6o/t84B5Gf:5eytM3alnawrRIwxVSHMweio3Yf

Malware Config

Extracted

Path

C:\readme.txt

Ransom Note
Attention! All your files, documents, photos, databases and other important files are encrypted
The only method of recovering files is to purchase an unique decryptor. Only we can give you this decryptor and only we can recover your files.
The server with your decryptor is in a closed network TOR. You can get there by the following ways:
----------------------------------------------------------------------------------------
1. Download Tor browser - https://www.torproject.org/
2. Install Tor browser
3. Open Tor Browser
4. Open link in TOR browser: http://obzuqvr5424kkc4unbq2p2i67ny3zngce3tbdr37nicjqesgqcgomfqd.onion/?ST2GHJLMOPR
5. and open ticket
----------------------------------------------------------------------------------------
Alternate communication channel here: https://yip.su/2QstD5

URLs

http://obzuqvr5424kkc4unbq2p2i67ny3zngce3tbdr37nicjqesgqcgomfqd.onion/?ST2GHJLMOPR

https://yip.su/2QstD5
