General

  • Target

    5e5f487c4ee92e7db8ac35bd0c4c9e8c44181db92a4be916044cf5c17d4a429b

  • Size

    194KB

  • Sample

    240614-1v2hda1fjq

  • MD5

    b4548f9cf25d949021d7d9c0257e8aee

  • SHA1

    46463c0323dc6ca80d7d66042d025550c3686922

  • SHA256

    5e5f487c4ee92e7db8ac35bd0c4c9e8c44181db92a4be916044cf5c17d4a429b

  • SHA512

    4583fa16dc9dca957fd51b35457984ff20394a7492ad4a72ca6358bc23de64c625dc8fc12ed598db57a874f4a7f16ea2e628225731e28e23b4461121c8578f8c

  • SSDEEP

    3072:6rWpcOPxPke+e3fFpsJOfFpsJbgE0rWpcOPxPke+e3fFpsJOfFpsJbgEr:tFPxPke+eITFPxPke+eIr

Score
9/10

Targets

    • Target

      5e5f487c4ee92e7db8ac35bd0c4c9e8c44181db92a4be916044cf5c17d4a429b

    • Renames multiple (3503) files with added filename extension

      This suggests ransomware activity: encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
