General

  • Target

    ce79c3201c1bc9bb2d2cb2fa53304f9f972ae2085e6a47fbb78dd493b6b769fb

  • Size

    229KB

  • Sample

    240425-d22emaee35

  • MD5

    186859c4a251451ddde074d7395c1bab

  • SHA1

    0902c8d7595cfea928bb4c47a4712f58e9a5f542

  • SHA256

    ce79c3201c1bc9bb2d2cb2fa53304f9f972ae2085e6a47fbb78dd493b6b769fb

  • SHA512

    347956d4bac51b1220b293a202008e021bc3dddd6794fa23e578af6c5ba06155b8e419627a8f257df4f922724fc09d61eac25565de9b28f455585abc2384e758

  • SSDEEP

    3072:hfAIuZAIuYSMjoqtMHfhflixiJfAIuZAIuYSMjoqtMHfhflixiQ:hfAIuZAIuDMVtM/XfAIuZAIuDMVtM/+

Score
10/10

Targets

    Score
    9/10
    • Renames multiple (4464) files with added filename extension

      This suggests ransomware activity, i.e. encrypting all the files on the system.

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX or a modified version of the UPX open-source packer.

    • Drops file in System32 directory
