General
-
Target
6cd338d71c9b2e482089e164a2d58f03e0619734b4436fb745df4f57527eeed6.bin.sample.gz
-
Size
4KB
-
Sample
240930-fx413atfpb
-
MD5
30cefd139ec87a160b2a16e7ace84b87
-
SHA1
e5a0aa2d3e58e6c40a11553c5e554dc8901058ac
-
SHA256
ac912d8d7b51eb2e29f72dd9fa1c99c99ee897d45acb60b3ffcd0ec436c1ade4
-
SHA512
716c88313805c1fccb97524807c13c977022f01de03460a52a92a3edada34952539d82c472d1bd19130ddef2322afa88d349bb224b12a4d0dadcb075d054c916
-
SSDEEP
96:HKXwm+aaOD1FQVtxggQdXsvrxIHolSt9b+U0V1Kvu:IsaTD1FSxtSAWSStT8X
Static task
static1
Behavioral task
behavioral1
Sample
sample.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
sample.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
Target
sample
-
Size
10KB
-
MD5
0e7215901aa61f182a5d229d289b073a
-
SHA1
a34cea415bc7d07d93c6b1b02e2a2349fc3b38b8
-
SHA256
6cd338d71c9b2e482089e164a2d58f03e0619734b4436fb745df4f57527eeed6
-
SHA512
d2d20855e7365c9db534b9c70e687c65503147619b18656fcd461424dcb7ccac32b4d5de029e7676037e78d9b2bb616688763b16559f262a34f0d11415c0b203
-
SSDEEP
192:X7slLwEkBoDGZu6qdkXn3sHBrDPNCGmkVQLrF:AV8+G4dk30XYoVor
Score
9/10
-
Renames multiple (276) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Sets desktop wallpaper using registry
-
MITRE ATT&CK Enterprise v15
Credential Access
Credentials from Password Stores: 1
Credentials from Web Browsers: 1
Unsecured Credentials: 1
Credentials In Files: 1