General

  • Target

    0bf1d940939b25727bb46049820cc445c86f5a8380bf21d623f3d3e51cff6d8d

  • Size

    6.5MB

  • Sample

    241005-xy537avdja

  • MD5

    56736f3b4c5680cf110a8c0ae748ddf9

  • SHA1

    7960a6aab2ac4af0a502566b2f4d7d55e85c4a59

  • SHA256

    0bf1d940939b25727bb46049820cc445c86f5a8380bf21d623f3d3e51cff6d8d

  • SHA512

    f366f77d4e724b09ef10c707096137ad20b4878d8295be8d65f92b7cd8f5817e9b255935fc1c3b2dbe446c73613053e1605ccf9171cae277b8bfcdf7a63d0883

  • SSDEEP

    196608:YCzNA7rlvRz1rrFBV6tpjuj6gYPKHCKst:YjUtYj6gYPYU

Score
9/10

Targets

    • Renames multiple (909) files with added filename extension

      This suggests ransomware activity, namely encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
