General

  • Target

    cd9043078904e0e90139262aa20a14c913ce18342e4d5c693295b9807001e301

  • Size

    148KB

  • Sample

    240617-cv81fszenb

  • MD5

    59abe0fad10d3e82efbf333ff68652ca

  • SHA1

    add29e009f2f481f980358c545049484424f8965

  • SHA256

    cd9043078904e0e90139262aa20a14c913ce18342e4d5c693295b9807001e301

  • SHA512

    b6f20989667eeb7aa199ce80b95e891ca51c6169773d6a64430899b613020205fc8d9fb748f4f63cc322eea32d8e8bccd36f5fd98edf8d50197a470db90efab7

  • SSDEEP

    1536:a7ZyqaFAlsr1++PJHJXFAIuZAIu97ZyqaFAlsr1++PJHJXFAIuZAIuT:enaym3AIuZAIuHnaym3AIuZAIuT

Score
10/10

Malware Config

Targets

    • Target

      cd9043078904e0e90139262aa20a14c913ce18342e4d5c693295b9807001e301

    Score
    9/10
    • Renames multiple (4515) files with added filename extension

      This suggests ransomware activity: the sample is encrypting files across the system.

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory

MITRE ATT&CK Matrix

Tasks