General

  • Target

    c3d32069bab193192a4ae5dfc78a5ae0N.exe

  • Size

    109KB

  • Sample

    240825-ltp1mazcqj

  • MD5

    c3d32069bab193192a4ae5dfc78a5ae0

  • SHA1

    460866b3c71edafc299163f26dce6fd88bf51322

  • SHA256

    5704b04b66a550743f79bb2020c35b274441f2797c3fc751885fb99ecb832d02

  • SHA512

    98d7951d81f7d656ddf88fd3c0365455a89643f82cb7e53ef5388d8a0d24504b858b5db229e65382bb428d4ea0156204d06d461b1f261223510b58a0944e6fa8

  • SSDEEP

    1536:V7Zf/FAxTWoJJ7TTQoQCVyS4AO2Zp9r/uvAM:fny1oRBS4AO+fuvAM

Targets

    • Renames multiple (2848) files with added filename extension

      This suggests ransomware activity, namely encrypting all the files on the system.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
