Resubmissions

24-01-2023 13:50

230124-q5b1csca58 10

24-01-2023 13:46

230124-q2y1qaca48 10

24-11-2022 17:20

221124-vwk9wscd91 10

General

  • Target

    f484f919ba6e36ff33e4fb391b8859a94d89c172a465964f99d6113b55ced429.zip

  • Size

    1.3MB

  • Sample

    230124-q5b1csca58

  • MD5

    846274ff97d7e0bffcc993cab1851270

  • SHA1

    f5eac094d9eb8f1f691d66d1cfc1a9ada6548def

  • SHA256

    383eb4802490f4ffd47f7918d5cd237e69deed15f0ce2aba761f7120d7481037

  • SHA512

    861e4ad17b9f1ab53a94bf785b436bf3336218c1d5a9dcb41047b5ea8d7de549032727c4896b86e3ab8c7cdd410208e8999505a24dd09e9b2b75db7a4b13a3fa

  • SSDEEP

    24576:0yng4r50RMb/FuiExo7BOKoEfgPWy6wAxvXwgdqTYRpYeTDAeBu6QRaPm0LjeZFd:jg4rsMsVsHoEsW3dXwYAYrYeDz06zu0k

Targets

    • Target

      f484f919ba6e36ff33e4fb391b8859a94d89c172a465964f99d6113b55ced429.exe

    • Size

      2.9MB

    • MD5

      df0b88dafe7a65295f99e69a67db9e1b

    • SHA1

      db3163a09eb33ff4370ad162a05f4b2584a20456

    • SHA256

      f484f919ba6e36ff33e4fb391b8859a94d89c172a465964f99d6113b55ced429

    • SHA512

      2206969d222882dd8b7e3e5671311462266277d699e08e3016a7b3781b17390e8dd11956d8aaecae996a2c16227d7b2390eb84b9b8df26e39ffe8f38d5b76fbd

    • SSDEEP

      49152:cDVwASOLGtlqrRIU6i9+vazNqQlJZP1BMU2thA8mNtNCiJlrRUFcJ7HIPcLzkw5c:wm+GaNqqJJ12vlZol8cJ7rc3

    • Deletes shadow copies

      Ransomware often targets backup files to inhibit system recovery.

    • Adds Run key to start application
