General

  • Target

    5b40e3fc4bf2f9d2a2be6638fed001457dcce46f8ef0f25f75039c1cc6a0b349N

  • Size

    166KB

  • Sample

    240921-ck246azfph

  • MD5

    62b25a2eceee57a891ca602ce29155a0

  • SHA1

    e5e1d651924b2432e7cedc8e3abea0fea34bdb42

  • SHA256

    5b40e3fc4bf2f9d2a2be6638fed001457dcce46f8ef0f25f75039c1cc6a0b349

  • SHA512

    8a439bac3fc5790387e75aa1a7760517913b6926831f83e9b54e38c9c525b537a9a9c447320cc204fc47ab9d4eeced3196264b12effc9cd8af8496b369f68175

  • SSDEEP

    1536:W7Z9pApQESOHepOHe8G+6E65dyGdykNdNBKggl7Z9pApQESOHepOHe8G+6E65dyD:69WpQE0zxgv9WpQE0zxgL

Score
9/10

Targets

    Score
    9/10

    • Renames multiple (1040) files with added filename extension

      This suggests ransomware activity: encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15
