General

  • Target

    d36b4ceb110529e42d2918055d2c2290952d936c5803131f50e3cefd83b4f0c7

  • Size

    714KB

  • Sample

    240617-c5mvzavcrr

  • MD5

    ff00e90f5e7bc6641e82b6f2b2756484

  • SHA1

    8aba4a6917cd72712b47372f067bd2b1ef2842bb

  • SHA256

    d36b4ceb110529e42d2918055d2c2290952d936c5803131f50e3cefd83b4f0c7

  • SHA512

    39b22b64804bad9e6840418c00c8190e439c5d8b11b778d3f37b41e522cd39682fb280f0cced4429ef10597d40e8118d129bd112653ad4145b38554577ab3a97

  • SSDEEP

    12288:AihnMwHskY7gjcjhVIEhqgM7bWvcsi6aVdzIyFU40vy3W/ceKSHMsiFyY6XNt13:Ai1MysZgjS1hqgSC/izhfujymk4HM5yd

Score
9/10

Malware Config

Targets

    • Target

      d36b4ceb110529e42d2918055d2c2290952d936c5803131f50e3cefd83b4f0c7

    • Size

      714KB

    • MD5

      ff00e90f5e7bc6641e82b6f2b2756484

    • SHA1

      8aba4a6917cd72712b47372f067bd2b1ef2842bb

    • SHA256

      d36b4ceb110529e42d2918055d2c2290952d936c5803131f50e3cefd83b4f0c7

    • SHA512

      39b22b64804bad9e6840418c00c8190e439c5d8b11b778d3f37b41e522cd39682fb280f0cced4429ef10597d40e8118d129bd112653ad4145b38554577ab3a97

    • SSDEEP

      12288:AihnMwHskY7gjcjhVIEhqgM7bWvcsi6aVdzIyFU40vy3W/ceKSHMsiFyY6XNt13:Ai1MysZgjS1hqgSC/izhfujymk4HM5yd

    Score
    9/10
    • Renames many files (3693) by appending a filename extension

      This is consistent with ransomware encrypting files across the system and marking each encrypted file with an added extension.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Enumerates installed software by reading the Uninstall key entries in the registry (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall and its per-user and Wow6432Node equivalents).

    • Drops file in System32 directory
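
    The mass-rename signature above is the behaviour a defender most wants to catch early. The following is an added example of the heuristic behind it, not code from the sandbox or from the sample: it takes file-rename events of the kind a file-system monitor or EDR records, recognises renames that merely append an extension in place, and flags any process that did this to many distinct files with a small set of extensions. The event records, process names, paths and thresholds are all constructed for illustration.

```python
"""Heuristic detector for the mass-rename-with-appended-extension signature.

Added example; the events below are constructed for illustration and are not
taken from the sandbox report.
"""
import ntpath
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class RenameEvent:
    """One file-rename event as a file-system monitor or EDR would record it."""
    pid: int
    image: str      # path of the renaming process
    old_path: str
    new_path: str


def appended_extension(old_path: str, new_path: str):
    """Return the extension appended to old_path to produce new_path, or None.

    Matches 'report.docx' -> 'report.docx.locked' in the same directory.
    A move to another directory or a change of stem is not an append.
    ntpath is used so Windows paths are handled correctly on any host OS.
    """
    old_dir, old_name = ntpath.split(old_path)
    new_dir, new_name = ntpath.split(new_path)
    if ntpath.normcase(old_dir) != ntpath.normcase(new_dir):
        return None
    prefix = old_name.lower() + "."
    if not new_name.lower().startswith(prefix):
        return None
    ext = new_name[len(prefix):]
    return ext or None


def flag_mass_rename(events, min_files=50, max_extensions=3):
    """Flag processes that appended a small set of extensions to many files.

    min_files: distinct source files a single process must have renamed.
    max_extensions: ransomware usually uses one marker extension; allowing a
    few tolerates families that vary the suffix per victim or per file type.
    """
    per_pid = defaultdict(lambda: {"image": None, "files": set(), "exts": set()})
    for ev in events:
        ext = appended_extension(ev.old_path, ev.new_path)
        if ext is None:
            continue
        rec = per_pid[ev.pid]
        rec["image"] = ev.image
        rec["files"].add(ntpath.normcase(ev.old_path))
        rec["exts"].add(ext.lower())

    findings = []
    for pid, rec in sorted(per_pid.items()):
        if len(rec["files"]) >= min_files and len(rec["exts"]) <= max_extensions:
            findings.append({
                "pid": pid,
                "image": rec["image"],
                "renamed_files": len(rec["files"]),
                "extensions": sorted(rec["exts"]),
            })
    return findings


def build_sample_events():
    """Constructed events: one ransomware-like burst, one benign backup run,
    and ordinary user renames that must not trip the heuristic."""
    events = []
    payload = r"C:\Users\alice\AppData\Local\Temp\payload.exe"   # constructed path
    for i in range(120):
        old = rf"C:\Users\alice\Documents\report_{i:03d}.docx"
        events.append(RenameEvent(4120, payload, old, old + ".locked"))
    backup = r"C:\Program Files\Backup\backup.exe"               # constructed path
    for i in range(10):                                          # below min_files
        old = rf"C:\Data\db_{i}.sqlite"
        events.append(RenameEvent(1888, backup, old, old + ".bak"))
    explorer = r"C:\Windows\explorer.exe"
    # a plain rename (new stem) and a move to another directory: neither is an append
    events.append(RenameEvent(2044, explorer, r"C:\Users\alice\Desktop\draft.txt",
                              r"C:\Users\alice\Desktop\final.txt"))
    events.append(RenameEvent(2044, explorer, r"C:\Users\alice\Desktop\a.pdf",
                              r"C:\Users\alice\Archive\a.pdf.old"))
    return events


if __name__ == "__main__":
    for f in flag_mass_rename(build_sample_events()):
        print(f"pid {f['pid']} ({f['image']}): {f['renamed_files']} files -> {f['extensions']}")
```

    The thresholds are the tuning knobs: a backup tool that appends ".bak" to a handful of files stays under min_files, while lowering it (or raising max_extensions) trades false positives for earlier detection. In production the grouping would also be bounded by a time window, so that a process renaming files slowly over a day is scored differently from one that renames thousands in a minute.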

MITRE ATT&CK Enterprise v15

Tasks