General

  • Target

    49eaab0dd0ad9d5c73b1c172dbbb029246bbbd830910fb2f7c1988ac5723d6d3

  • Size

    82KB

  • Sample

    241005-zv5pcssfnn

  • MD5

    9e89aa756e4a42e1135dc26b51b38408

  • SHA1

    160fb96649c7db838886b2a312acbf1ab460e552

  • SHA256

    49eaab0dd0ad9d5c73b1c172dbbb029246bbbd830910fb2f7c1988ac5723d6d3

  • SHA512

    5631c2fb0b0af03eb9d50ca2cc47f600058304394705761149fcc5497ad665a7ce58afb1bb564f830a48828e318a1bed4f5a041da373f3745c5d646be496d0e2

  • SSDEEP

    1536:CTW7JJTUNOvAmgvsBqSW+QxbDMCAW6R0zAmgvsBqSW+QxbDMCAW6R0SbTW7JJTUk:hTAmgvsBqSW+cbICAW6R0zAmgvsBqSWb

Targets

    • Renames multiple (5111) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15