General

  • Target

    b77a20d80ae5e93b96146b4c8f6560b48f0bb4f79d09005cfc4fddaa04fa6d4cN

  • Size

    824KB

  • Sample

    240930-zgcfnathnp

  • MD5

    d2c9fbe605bd3f1331cd5cbb64fd9570

  • SHA1

    5e90cc8a3f96532ed6863bc2d62f7fd71ae9b756

  • SHA256

    b77a20d80ae5e93b96146b4c8f6560b48f0bb4f79d09005cfc4fddaa04fa6d4c

  • SHA512

    5c691b90c19959796da18ea85f78c8c6fe351badedd5ccb9b5105ae427988301a0f70ff95ba82ac030be827da26474645f3054c5a8fdfa441c618a8cbfe1c7c3

  • SSDEEP

    12288:OwCBtLC+EptUpQ9SeSChq3YvxFBSSRMT8PTp4ihozEY888888888888W8888888J:eNzCtUpQ9WWPBSSRMTEpXNy

Score
10/10

Malware Config

Targets

    Score
    10/10
    • Detects Renamer worm.

      Renamer aka Grenam is a worm written in Delphi.

    • Renamer, Grenam

      Renamer aka Grenam is a worm written in Delphi.

    • Drops startup file

    • Loads dropped DLL

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

MITRE ATT&CK Enterprise v15

Tasks