General
-
Target
sample
-
Size
19KB
-
Sample
240426-w4p4gshe62
-
MD5
803404f348f33c401807e6822084ce6f
-
SHA1
4248d5fde683ed1c448c10ecef8fcf632c22a0bf
-
SHA256
4a00fa20b07e039adaecf78a1cad8c7e28851551345c882bead02acd25800029
-
SHA512
ffdd27d1882892f485575e66669fa30cf2f4ad2b02f5470842470ec5f013c9cf9d28611b394e46178cc8f0a6d48cffa329d4cfbb857b3781c94b0eb9d843a54a
-
SSDEEP
384:rqrzGDpmReVoOs49i9ylKeGMbU8Hhhbze0m7yS2LjMrSQ+AVJCBXQL:rezGBVoOs49myI1MjBhbaTWMrSeJQQL
Malware Config
Targets
-
-
Target
sample
-
Size
19KB
-
MD5
803404f348f33c401807e6822084ce6f
-
SHA1
4248d5fde683ed1c448c10ecef8fcf632c22a0bf
-
SHA256
4a00fa20b07e039adaecf78a1cad8c7e28851551345c882bead02acd25800029
-
SHA512
ffdd27d1882892f485575e66669fa30cf2f4ad2b02f5470842470ec5f013c9cf9d28611b394e46178cc8f0a6d48cffa329d4cfbb857b3781c94b0eb9d843a54a
-
SSDEEP
384:rqrzGDpmReVoOs49i9ylKeGMbU8Hhhbze0m7yS2LjMrSQ+AVJCBXQL:rezGBVoOs49myI1MjBhbaTWMrSeJQQL
Score10/10-
BadRabbit
Ransomware family discovered in late 2017, mainly targeting Russia and Ukraine.
-
Mimikatz
mimikatz is an open source tool to dump credentials on Windows.
-
mimikatz is an open source tool to dump credentials on Windows
-
Executes dropped EXE
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Legitimate hosting services abused for malware hosting/C2
-