General

  • Target

    c17da2d7a3f102a7ffa9fcf066aac920N.exe

  • Size

    77KB

  • Sample

    240825-l6smaaydkh

  • MD5

    c17da2d7a3f102a7ffa9fcf066aac920

  • SHA1

    f8fce482b00d17cfa4e17f7ab5fc34b3fa91d307

  • SHA256

    e9c20d391a7d7fdd2e299082e20b45e14b4a2598355a001a5b9ba7527d07b194

  • SHA512

    ec76c2c37e581e1e12ff52a374b8cdd26dec85e8910d4dc637e57a3d83bcd8c5fcb2049cea1f61008cc3e67722e7e9c58a7284e1f9059d9baa0dbac648125f8c

  • SSDEEP

    768:/7BlpQpARFbhJ/QQ37BlpQpARFbhJ/QQU:/7ZQpApt7ZQpApm

Score
9/10

Targets

    • Target

      c17da2d7a3f102a7ffa9fcf066aac920N.exe

    • Renames multiple (4797) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
