General

  • Target

    290eb8f1c25a13c8dd584bd1152fd476728fb2c2e7d5c192413459efc19e1f17N

  • Size

    98KB

  • Sample

    241006-bfrbessfph

  • MD5

    df4bf7a71794e7b50d4f5d7636238be0

  • SHA1

    f2c29ae84d22cc353437d430521a8f4d760a4eff

  • SHA256

    290eb8f1c25a13c8dd584bd1152fd476728fb2c2e7d5c192413459efc19e1f17

  • SHA512

    83ef9f718a3747ab60ee25c6ad7494dfc31bb8d5303f913e878cfddc1809d5c713868b629d3fa9eafa62616a9f7ab9e10578bb7bcdc008ce06ee270c27730566

  • SSDEEP

    1536:p7ZhA7dAxJJB7LD2I2IGYx7ZhA7dAxJJB7LD2I2IGY8:Te76xtD33be76xtD338

Score
9/10

Targets

    • Target

      290eb8f1c25a13c8dd584bd1152fd476728fb2c2e7d5c192413459efc19e1f17N

    • Renames multiple (5014) files with added filename extension

      This suggests ransomware activity, namely encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
