General

  • Target

    ae6ceac59c1a8ed29cb58bbc8e67dec393d7e5a1e85eb7fcc84edec4a2a42775

  • Size

    6.5MB

  • Sample

    241005-xty43szcnk

  • MD5

    0e946a15a99b2ea1a5bf01e9a196f73f

  • SHA1

    b82013ae0c40f21876d5d271d2c06ae83505a773

  • SHA256

    ae6ceac59c1a8ed29cb58bbc8e67dec393d7e5a1e85eb7fcc84edec4a2a42775

  • SHA512

    954bb8f16860322ab332ebbf265c68fa6ad23a3a3568f73c7c3d2518c87de03b8a2a8cf1d8d20d96b76701cac26a9af154fa877fa11c5eaff35cac1d59beff62

  • SSDEEP

    196608:7CzNA7rlvRz1rrFBV6tpjuj6gYPKHCKsM:7jUtYj6gYPYh

Malware Config

Targets

    • Renames multiple (508) files with added filename extension

      This is the behaviour of ransomware encrypting files in bulk and appending a marker extension to each encrypted file; 508 such renames in one run is well beyond what legitimate software does to user documents.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • UPX packed file

      The executable is packed with UPX, or with a modified build of the open-source UPX packer. A modified build typically means the stock upx -d will not unpack it and the usual UPX0/UPX1 section names may be absent, so the static analysis has to be done on the unpacked image after it is dumped from memory.
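The checks behind two of the signatures above (the mass-rename heuristic and the UPX packing check), written out as an added example; this is not code from the sandbox report or its vendor. It assumes rename telemetry arrives as (old_path, new_path) pairs, that an alert threshold of 50 renames is a reasonable illustrative value, and that the PE produced by build_minimal_pe() is a constructed header skeleton rather than the analysed sample.

```python
"""Mass-rename heuristic and UPX section check. Added example, not from the
report. Assumptions: (old_path, new_path) telemetry, threshold of 50, and a
constructed PE skeleton built by build_minimal_pe()."""
import re
import struct
from collections import Counter

# --- Signature 1: many files renamed by appending one extension -------------
APPENDED_EXT_RE = re.compile(r"^\.[a-z0-9_\-]{1,16}$")

def appended_extension(old_path, new_path):
    """Extension if new_path is exactly old_path plus one appended extension
    (compared case-insensitively, as NTFS paths are), else None."""
    old_l, new_l = old_path.lower(), new_path.lower()
    if not new_l.startswith(old_l):
        return None
    suffix = new_l[len(old_l):]
    return suffix if APPENDED_EXT_RE.match(suffix) else None

def rename_extension_stats(events):
    """Count renamed files per appended extension."""
    counts = Counter()
    for old_path, new_path in events:
        ext = appended_extension(old_path, new_path)
        if ext is not None:
            counts[ext] += 1
    return counts

def flag_mass_rename(events, threshold=50):
    """(extension, count) for the dominant appended extension once it reaches
    the assumed threshold, else None. Backup and archive tools also append
    .bak/.gz, but rarely to dozens of user documents in a single run."""
    counts = rename_extension_stats(events)
    if not counts:
        return None
    ext, n = counts.most_common(1)[0]
    return (ext, n) if n >= threshold else None

# Constructed telemetry (not from the analysed sample): 60 documents get
# ".locked" appended, plus three benign renames that must not count.
SAMPLE_EVENTS = [
    (rf"C:\Users\u\Documents\file{i}.docx", rf"C:\Users\u\Documents\file{i}.docx.locked")
    for i in range(60)
] + [
    (r"C:\Users\u\Downloads\setup.tmp", r"C:\Users\u\Downloads\setup.exe"),  # extension replaced
    (r"C:\Users\u\notes.txt", r"C:\Users\u\notes.txt.bak"),                   # single backup copy
    (r"C:\Windows\Temp\a.log", r"C:\Windows\Temp\b.log"),                    # unrelated rename
]

# --- Signature 2: UPX packed file ------------------------------------------
UPX_SECTION_NAMES = {"UPX0", "UPX1", "UPX2"}

def pe_section_names(data):
    """DOS header -> PE signature -> COFF header -> section table; return names."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    coff = e_lfanew + 4
    num_sections = struct.unpack_from("<H", data, coff + 2)[0]
    opt_hdr_size = struct.unpack_from("<H", data, coff + 16)[0]
    table = coff + 20 + opt_hdr_size  # 40-byte section headers follow the optional header
    return [
        data[table + 40 * i : table + 40 * i + 8].rstrip(b"\0").decode("ascii", "replace")
        for i in range(num_sections)
    ]

def upx_indicators(data):
    """Stock UPX names its sections UPX0/UPX1 and stores a "UPX!" magic in its
    header; modified UPX builds often rename the sections and patch the magic,
    so a negative result does not prove the file is unpacked."""
    return {
        "upx_sections": [n for n in pe_section_names(data) if n in UPX_SECTION_NAMES],
        "upx_magic": b"UPX!" in data,
    }

def looks_upx_packed(data):
    ind = upx_indicators(data)
    return bool(ind["upx_sections"]) or ind["upx_magic"]

def build_minimal_pe(section_names, extra=b""):
    """Constructed PE skeleton: DOS header, PE signature, 20-byte COFF header
    with SizeOfOptionalHeader = 0, then one 40-byte header per section."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)  # e_lfanew points just past the DOS header
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, 0, 0)
    table = b"".join(n.encode("ascii").ljust(8, b"\0") + bytes(32) for n in section_names)
    return bytes(dos) + b"PE\0\0" + coff + table + extra

if __name__ == "__main__":
    print(flag_mass_rename(SAMPLE_EVENTS))                                # ('.locked', 60)
    print(looks_upx_packed(build_minimal_pe(["UPX0", "UPX1", ".rsrc"])))  # True
```

The rename check keys on the new name being the old name plus exactly one appended extension, which separates ransomware-style renames from extension replacement (setup.tmp to setup.exe) and from moves. The UPX check is deliberately two independent indicators because a modified packer usually defeats one of them; for a sample flagged as "modified UPX", dumping the unpacked image from memory is the reliable route.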

MITRE ATT&CK Enterprise v15

Tasks