General

  • Target

    41517fe36e5a5cbf7aa1997bdf89449555c9ef729043d282ac89ae7b15ca950eN

  • Size

    176KB

  • Sample

    241005-y2bt7a1fmm

  • MD5

    00520204daed7a4bbf7cfffd8d592660

  • SHA1

    61c34ab06cb239d61d40288e57d640028b17cbf2

  • SHA256

    41517fe36e5a5cbf7aa1997bdf89449555c9ef729043d282ac89ae7b15ca950e

  • SHA512

    562927e4fc5f6222a857e1ae2815c16cd6217e6c1fc0fa6a835995ee2b331c5100d1b928d6fcd4d6ab1a88abb2f3bf45ac2b14c5a0e50461e019901fff471f20

  • SSDEEP

    1536:V7Zf/FAxTWY1++PJHJXA/OsIZfzc3/Q8IZTwhx58hx5SdwEbdwEO7Zf/FAxTWY17:fnyiQSo7Z6xcxLnyiQSo7Z6xcxZ

Malware Config

Targets

    • Target

      41517fe36e5a5cbf7aa1997bdf89449555c9ef729043d282ac89ae7b15ca950eN

    • Renames multiple (333) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks