General

  • Target

    f520e33af8f7965d2da39e595b8b992e4910a83c860d9c865563cfbe320b13b4

  • Size

    195KB

  • Sample

    240617-erb8esxfqj

  • MD5

    b86f07264e571495faab33de2cf2195f

  • SHA1

    343c2e32fb04e2077f0fb1e8671ca16595ea38f9

  • SHA256

    f520e33af8f7965d2da39e595b8b992e4910a83c860d9c865563cfbe320b13b4

  • SHA512

    2f2bbfa5d9daa5d32fd01e5a6bd4c4acfa7803dd73704f30d0c87643182b9f1fc90bb077d8f4d4cb626506e997773c53aa8f2b73aa09bb4b1bfa6c35d126ea1f

  • SSDEEP

    3072:6rWpcOPxPke+e3fFpsJOfFpsJbgEErWpcOPxPke+e3fFpsJOfFpsJbgE7:tFPxPke+eIjFPxPke+eI7

Score
9/10

Targets

    • Renames multiple (3719) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
