General

  • Target

    775c6754c8d3d5d52dd440b3836ab630.bin

  • Size

    329KB

  • Sample

    240309-bh2j6sba54

  • MD5

    775c6754c8d3d5d52dd440b3836ab630

  • SHA1

    76faa9586af33ff4e223b6d7dc230437fb776f50

  • SHA256

    41afa27930f0d584b6adbbecd334f4c0cb871bb22f2b8225ce998dd6db04b405

  • SHA512

    6192b9bbaa1edfb46bce87e2cfb659e6be297317ebcfa43c8ad247ec8500d88995e04b82b8be127b3e9e614c9709fa37c8ec41dea0bf007041e7ec4ac8005b77

  • SSDEEP

    3072:UyDy05xe3ODm2wJyDy05xe3ODm2GWyljMkv5+5soU3Od3ODeXG/BoLyS:UtjZtjAuV/kNz

Malware Config

Extracted

Path

/Users/run/Desktop/READ_ME_NOW.txt

Ransom Note
YOUR IMPORTANT FILES ARE ENCRYPTED Many of your documents, photos, videos, images and other files are no longer accessible because they have been encrypted. Maybe you are busy looking for a way to recover your files, but do not waste your time. Nobody can recover your file without our decryption service. We use 256-bit AES algorithm so it will take you more than a billion years to break this encryption without knowing the key (you can read Wikipedia about AES if you don't believe this statement). Anyways, we guarantee that you can recover your files safely and easily. This will require us to use some processing power, electricity and storage on our side, so there's a fixed processing fee of 50 USD. This is a one-time payment, no additional fees included. In order to accept this offer, you have to deposit payment within 72 hours (3 days) after receiving this message, otherwise this offer will expire and you will lose your files forever. Payment has to be deposited in Bitcoin based on Bitcoin/USD exchange rate at the moment of payment. The address you have to make payment is: 13roGMpWd7Pb3ZoJyce8eoQpfegQvGHHK7 Decryption will start automatically within 2 hours after the payment has been processed and will take from 2 to 5 hours depending on the processing power of your computer. After that all of your files will be restored. THIS OFFER IS VALID FOR 72 HOURS AFTER RECEIVING THIS MESSAGE
Wallets

13roGMpWd7Pb3ZoJyce8eoQpfegQvGHHK7

Targets

    • Target

      775c6754c8d3d5d52dd440b3836ab630.bin

    • Size

      329KB

    • MD5

      775c6754c8d3d5d52dd440b3836ab630

    • SHA1

      76faa9586af33ff4e223b6d7dc230437fb776f50

    • SHA256

      41afa27930f0d584b6adbbecd334f4c0cb871bb22f2b8225ce998dd6db04b405

    • SHA512

      6192b9bbaa1edfb46bce87e2cfb659e6be297317ebcfa43c8ad247ec8500d88995e04b82b8be127b3e9e614c9709fa37c8ec41dea0bf007041e7ec4ac8005b77

    • SSDEEP

      3072:UyDy05xe3ODm2wJyDy05xe3ODm2GWyljMkv5+5soU3Od3ODeXG/BoLyS:UtjZtjAuV/kNz

MITRE ATT&CK Enterprise v15

Tasks