General

  • Target

    18d976914758b677787aa0b41bf9a2eb1a96797086e0194daa4dee4808db3937

  • Size

    97KB

  • Sample

    241005-xrqpxsvblc

  • MD5

    729375c14de65c2de539c55ae95e4895

  • SHA1

    126a4e6956ec0af7416d2db7242e8d7aa86bed38

  • SHA256

    18d976914758b677787aa0b41bf9a2eb1a96797086e0194daa4dee4808db3937

  • SHA512

    9ad7a4f4866118909e933c0f6a2a812ef4dc1aa2df20c7c4190e3ae01631ce4319ebf7edb472dc5e62d5df2e09e5bfa14c9c77ee9a54141713f829255e3abae2

  • SSDEEP

    768:W7Blp2sspARFbh5YePbTQbzjrY/+TQbzjrY/o7Blp2sspARFbh5YePbTQbzjrY/P:W7Z2sspAp5YePf7Z2sspAp5YePj

Score
9/10

Targets

    Score
    9/10
    • Renames multiple (1235) files with added filename extension

      This suggests ransomware activity: encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory