General

  • Target

    5f2255df1a120d24ffe9adfe38cdcff2354f814e0cf7c7d92ce44fce5d3cd0ca

  • Size

    97KB

  • Sample

    240610-2jzp3stgjn

  • MD5

    46b6605f78b74e9bcef9cb6788b9de0e

  • SHA1

    7d2f8ca77e16b3689d1172dbc3d7ef5037cce3cc

  • SHA256

    5f2255df1a120d24ffe9adfe38cdcff2354f814e0cf7c7d92ce44fce5d3cd0ca

  • SHA512

    69b7e6089bc82e5cd1852a07ccc36d02e729a24e98db05108e47c2b6526c7608f386e047f2fb15b5d081c5bc68cc08fe8b968373c357eafdee26a452707eafdf

  • SSDEEP

    1536:CTWn1++PJHJXA/OsIZfzc3/Q8zxITWn1++PJHJXA/OsIZfzc3/Q8zxKKZKm:KQSoJQSoLKZKm

Score
10/10

Malware Config

Targets

    • Target

      5f2255df1a120d24ffe9adfe38cdcff2354f814e0cf7c7d92ce44fce5d3cd0ca

    • Size

      97KB

    • MD5

      46b6605f78b74e9bcef9cb6788b9de0e

    • SHA1

      7d2f8ca77e16b3689d1172dbc3d7ef5037cce3cc

    • SHA256

      5f2255df1a120d24ffe9adfe38cdcff2354f814e0cf7c7d92ce44fce5d3cd0ca

    • SHA512

      69b7e6089bc82e5cd1852a07ccc36d02e729a24e98db05108e47c2b6526c7608f386e047f2fb15b5d081c5bc68cc08fe8b968373c357eafdee26a452707eafdf

    • SSDEEP

      1536:CTWn1++PJHJXA/OsIZfzc3/Q8zxITWn1++PJHJXA/OsIZfzc3/Q8zxKKZKm:KQSoJQSoLKZKm

    Score
    9/10
    • Renames multiple (5365) files with added filename extension

      This suggests ransomware activity: the sample is encrypting all of the files on the system.

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX variant.

    • Drops file in System32 directory

MITRE ATT&CK Matrix

Tasks