General

  • Target

    5126c03c44cc1c6ad5940c985fbf3a0ce3792ae8ed009d3f6ebeee8fd5120ec3N

  • Size

    85KB

  • Sample

    241005-xzvnvavdkc

  • MD5

    544a3c313e132d8264ffa7ef2e564ca0

  • SHA1

    c861f4f1341cee6eeadfcb85a87e5c3bcb636f06

  • SHA256

    5126c03c44cc1c6ad5940c985fbf3a0ce3792ae8ed009d3f6ebeee8fd5120ec3

  • SHA512

    4e4ee56754c0bca5060c5c1f275fa34bcc0ea2cf2968d198f8ec7142c397414ece54ffc0901c852496bdd775452ee5360f27ddcdb7d37f6d3eb0a4c506ee6950

  • SSDEEP

    768:kBT37CPKKdJJ1EXBwzEXBwdcMcwBcCBcw/tio/tiJFEFuBT37CPKKdJJ1EXBwzEN:CTW7JJ7TTQoQPy8TW7JJ7TTQoQPyS3z

Malware Config

Targets

    • Renames multiple (4332) files with added filename extension

      This suggests ransomware activity: encryption of all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks