General

  • Target

    ffec0daa9b4f6288af183e0cc69ad8df5d8a64e216cb682df39900de75edc919

  • Size

    153KB

  • Sample

    240614-g8pk7ascnp

  • MD5

    0645d3f40964ef5c94b7af7cd1eb81c3

  • SHA1

    ca3966ceece09b04be03a5502a61c623ceade1af

  • SHA256

    ffec0daa9b4f6288af183e0cc69ad8df5d8a64e216cb682df39900de75edc919

  • SHA512

    20dbd06a91161c542cba884a0ad44085411bb9ba5baf251726db0b3ac4f7402fe8ea827e1f8d9c0779bf7768bf704c9df331cf90be0aed71ce5553d312525a76

  • SSDEEP

    3072:6e7WpMaxeb0CYJ97lEYNR73e+eKZHfFpsJOfFpsJUe7WpMaxeb0CYJ97lEYNR73a:RqKvb0CYJ973e+eKZqqKvb0CYJ973e+q

Score
9/10

Targets

    • Renames multiple (4156) files with added filename extension

      This suggests ransomware activity, namely encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
