General

  • Target

    5fd23c0c8d52a04bb39a5a3e592266e2d1181b7eec9e3241ae953c934e1e9355

  • Size

    7.3MB

  • Sample

    240610-2kplhatcmh

  • MD5

    93a7c970265e8192ad6fa96added6ab6

  • SHA1

    29b6ef675fe2da6824874d1d9f0aa0fecf29496c

  • SHA256

    5fd23c0c8d52a04bb39a5a3e592266e2d1181b7eec9e3241ae953c934e1e9355

  • SHA512

    b147c4fe5c95d2e07f807a117ff69a48fb63ad09705ab44132ac8b9ed6d17f3e154675dd8bd393bc02bca3028bcbb69ae8e26e11052bfb83e4f0231dea8dbc39

  • SSDEEP

    98304:dtzqBZMMEM0MUMRMxMwMkfqbjxbSzGVr4W11/KsZfGpWqOJwNZ:LqBZtlV1qKpkfqbjeGVr4wZfNnJwv

Score
10/10

Targets

    • Target

      5fd23c0c8d52a04bb39a5a3e592266e2d1181b7eec9e3241ae953c934e1e9355

    • Size

      7.3MB

    • MD5

      93a7c970265e8192ad6fa96added6ab6

    • SHA1

      29b6ef675fe2da6824874d1d9f0aa0fecf29496c

    • SHA256

      5fd23c0c8d52a04bb39a5a3e592266e2d1181b7eec9e3241ae953c934e1e9355

    • SHA512

      b147c4fe5c95d2e07f807a117ff69a48fb63ad09705ab44132ac8b9ed6d17f3e154675dd8bd393bc02bca3028bcbb69ae8e26e11052bfb83e4f0231dea8dbc39

    • SSDEEP

      98304:dtzqBZMMEM0MUMRMxMwMkfqbjxbSzGVr4W11/KsZfGpWqOJwNZ:LqBZtlV1qKpkfqbjeGVr4wZfNnJwv

    Score
    9/10
    • Detects executables containing URLs to raw contents of a Github gist

      The binary embeds a gist.githubusercontent.com raw URL, a common place to host a stage-two payload or configuration.

    • Renames multiple (198) files with added filename extension

      198 files were renamed to their original name plus a new extension, which is consistent with ransomware encrypting files on the system and marking each one with its own extension.

    • UPX dump on OEP (original entry point)

      The sandbox dumped the unpacked image from memory once execution reached the original entry point.

    • UPX packed file

      Detects executables packed with UPX or a modified build of the UPX open-source packer.
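The three file-based indicators above (UPX packing, a raw-gist URL, and mass renames that append an extension) can be reproduced outside the sandbox. The following Python is an added example and is not code from the sandbox report or from the sample; the byte buffer and rename events it checks are constructed, the user name, gist ID and paths in them are placeholders, and the threshold of five renames is an arbitrary assumption rather than the sandbox's own cutoff (which fired on 198).

```python
import re
from collections import Counter

# Constructed buffer standing in for the raw bytes of a PE file; it is NOT the
# sample from the report. It carries the UPX section names, the "UPX!" marker
# and a raw-gist URL with placeholder user name and gist ID.
SAMPLE_BYTES = (
    b"MZ\x90\x00" + b"\x00" * 60
    + b"PE\x00\x00"
    + b"UPX0\x00\x00\x00\x00" + b"UPX1\x00\x00\x00\x00" + b".rsrc\x00\x00\x00"
    + b"\x00" * 16
    + b"UPX!"  # marker a stock UPX build writes after the section table
    + b"\x00" * 32
    + b"https://gist.githubusercontent.com/someuser/0123456789abcdef/raw/config.txt\x00"
)

UPX_SECTION_NAMES = {b"UPX0", b"UPX1", b"UPX2"}
UPX_MAGIC = b"UPX!"

# Raw-gist URL: gist.githubusercontent.com/<user>/<hex gist id>/raw/<optional path>
GIST_RAW_RE = re.compile(
    rb"https?://gist\.githubusercontent\.com/[A-Za-z0-9_-]+/[0-9a-fA-F]+/raw/?[^\s\x00\"']*"
)


def upx_indicators(data: bytes) -> dict:
    """Report which UPX artefacts are present in a file buffer.

    A stock UPX build names its sections UPX0/UPX1 and writes a 'UPX!' marker;
    modified builds often rename the sections, so the two checks are reported
    separately and either one is enough to flag the file as packed.
    """
    found_sections = sorted(n.decode() for n in UPX_SECTION_NAMES if n in data)
    has_magic = UPX_MAGIC in data
    return {
        "sections": found_sections,
        "magic": has_magic,
        "packed": bool(found_sections) or has_magic,
    }


def gist_raw_urls(data: bytes) -> list:
    """Extract every raw-gist URL embedded in the buffer."""
    return [m.decode("ascii", "replace") for m in GIST_RAW_RE.findall(data)]


# Constructed rename events in the shape (old_path, new_path), as a sandbox
# file-system monitor might record them; not the report's own event data.
RENAME_EVENTS = [
    (r"C:\Users\victim\Documents\report.docx", r"C:\Users\victim\Documents\report.docx.locked"),
    (r"C:\Users\victim\Documents\budget.xlsx", r"C:\Users\victim\Documents\budget.xlsx.locked"),
    (r"C:\Users\victim\Pictures\holiday.jpg", r"C:\Users\victim\Pictures\holiday.jpg.locked"),
    (r"C:\Users\victim\Desktop\notes.txt", r"C:\Users\victim\Desktop\notes.txt.locked"),
    (r"C:\Users\victim\Desktop\keys.pdf", r"C:\Users\victim\Desktop\keys.pdf.locked"),
    (r"C:\Users\victim\Music\song.mp3", r"C:\Users\victim\Music\song.mp3.locked"),
    # Benign renames that must not count: a plain rename and a temp-file swap.
    (r"C:\Users\victim\Documents\draft.docx", r"C:\Users\victim\Documents\draft_final.docx"),
    (r"C:\Users\victim\AppData\Local\Temp\out.tmp", r"C:\Users\victim\AppData\Local\Temp\out"),
]


def appended_extension(old: str, new: str):
    """Return the extension appended when `new` is exactly `old` plus '.ext', else None."""
    if new.startswith(old) and len(new) > len(old):
        suffix = new[len(old):]
        if suffix.startswith(".") and len(suffix) > 1 and "\\" not in suffix and "/" not in suffix:
            return suffix
    return None


def mass_rename_verdict(events, threshold: int = 5) -> dict:
    """Flag the 'renames many files with an added extension' behaviour.

    Only renames that keep the original name intact and append one extension
    are counted, and the verdict keys on the single most common extension so
    that unrelated housekeeping renames do not inflate the count.
    """
    added = [s for s in (appended_extension(o, n) for o, n in events) if s]
    counts = Counter(added)
    top_ext, top_n = counts.most_common(1)[0] if counts else (None, 0)
    return {
        "renamed_with_extension": len(added),
        "top_extension": top_ext,
        "top_count": top_n,
        "suspicious": top_n >= threshold,
    }


if __name__ == "__main__":
    print(upx_indicators(SAMPLE_BYTES))
    print(gist_raw_urls(SAMPLE_BYTES))
    print(mass_rename_verdict(RENAME_EVENTS))
```

Run against a real file, `upx_indicators` and `gist_raw_urls` take the file's bytes; the rename check is meant to be fed the rename events from a sandbox or EDR trace, and a stricter threshold is the only tuning knob.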
