General

  • Target

    a57609aadb8c1a1107e8b8b3d2ceeb9b71145e923d75b5c5e54326a19aeb8abc

  • Size

    240KB

  • Sample

    230327-j5r81see4v

  • MD5

    7bf5551a26099545b56cabc6ba749951

  • SHA1

    985dc0a105f775ad0ba13675916806dc9899368f

  • SHA256

    a57609aadb8c1a1107e8b8b3d2ceeb9b71145e923d75b5c5e54326a19aeb8abc

  • SHA512

    0791684b86057cd4dc3e4dd9557c8ccc3a01c067a1dbac2ba2dad9dafc2f2f03d35b7d49d651eae7bdd2613ee5b184a2fbadc546f76a105bd49209428ce973f3

  • SSDEEP

    6144:+NjUKrp2/BeT0guER7Qq+cAngW+3DHBtrN:+N/pQBeT0gRpQq+83DHBl

Malware Config

Targets

    • Target

      a57609aadb8c1a1107e8b8b3d2ceeb9b71145e923d75b5c5e54326a19aeb8abc

    • Size

      240KB

    • MD5

      7bf5551a26099545b56cabc6ba749951

    • SHA1

      985dc0a105f775ad0ba13675916806dc9899368f

    • SHA256

      a57609aadb8c1a1107e8b8b3d2ceeb9b71145e923d75b5c5e54326a19aeb8abc

    • SHA512

      0791684b86057cd4dc3e4dd9557c8ccc3a01c067a1dbac2ba2dad9dafc2f2f03d35b7d49d651eae7bdd2613ee5b184a2fbadc546f76a105bd49209428ce973f3

    • SSDEEP

      6144:+NjUKrp2/BeT0guER7Qq+cAngW+3DHBtrN:+N/pQBeT0gRpQq+83DHBl

    • Deletes shadow copies

      Ransomware often targets backup files to inhibit system recovery.

    • Modifies extensions of user files

      Ransomware generally changes the extension on encrypted files.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.

    • Adds Run key to start application

    • Sets desktop wallpaper using registry

MITRE ATT&CK Enterprise v6

Tasks