General

  • Target

    ec9b1204859dbd81f76d023a26e73d528bda7566352cf4f13047b3ba0b9e2f3c

  • Size

    177KB

  • Sample

    240614-gdw2saxbld

  • MD5

    665c18915c3f3a26539d0a2ecba7f851

  • SHA1

    126633045a60c1a8e711ccaa71e4bddc4b559c75

  • SHA256

    ec9b1204859dbd81f76d023a26e73d528bda7566352cf4f13047b3ba0b9e2f3c

  • SHA512

    dec295a0a88166cbffb85e6b1ccf267c9828fabadcb38e17e12c08ed4a9ec9c52951c85f19c783fcc21f70d24a3dfa4a20694fbb8fb9daa9c2da968624772fd1

  • SSDEEP

    3072:6DWpwE7oL2e+efZwZ08i8BDWpwE7oL2e+efZwZ08i8o:dN/e+efimJXN/e+efimJJ

Score
9/10

Targets

    • Target

      ec9b1204859dbd81f76d023a26e73d528bda7566352cf4f13047b3ba0b9e2f3c

    • Renames multiple (4515) files with added filename extension

      This suggests ransomware activity: encryption of all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
