General

  • Target

    c0ef901c69ab92db793796af74f75675210fe0aca5d6f62dd6b804b67696bcdcN

  • Size

    127KB

  • Sample

    241005-zrhqessekm

  • MD5

    e0c99caed12bb46db325b2b974fab810

  • SHA1

    1bbf155817472124e273f39dc76b046368a8f7f5

  • SHA256

    c0ef901c69ab92db793796af74f75675210fe0aca5d6f62dd6b804b67696bcdc

  • SHA512

    787a6d81cd4f5507b3708f96ac0f8a61acd67e4b0c8871419dc95a73bef77568e9a4463363cdb926e48fb299755e581111e270a339b84e16be96fc954a852ae6

  • SSDEEP

    1536:/7ZQpApHou595QUhUd7ZQpApHou595QUhU/:9QWp/595HunQWp/595Hu/

Score
9/10

Malware Config

Targets

    • Target

      c0ef901c69ab92db793796af74f75675210fe0aca5d6f62dd6b804b67696bcdcN

    • Size

      127KB

    • MD5

      e0c99caed12bb46db325b2b974fab810

    • SHA1

      1bbf155817472124e273f39dc76b046368a8f7f5

    • SHA256

      c0ef901c69ab92db793796af74f75675210fe0aca5d6f62dd6b804b67696bcdc

    • SHA512

      787a6d81cd4f5507b3708f96ac0f8a61acd67e4b0c8871419dc95a73bef77568e9a4463363cdb926e48fb299755e581111e270a339b84e16be96fc954a852ae6

    • SSDEEP

      1536:/7ZQpApHou595QUhUd7ZQpApHou595QUhU/:9QWp/595HunQWp/595Hu/

    Score
    9/10
    • Renames multiple (4089) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks