General

  • Target

    36711dad187f0afd4c479dbe9262518accdf96801e03c6797ee1acbd222f20f3N

  • Size

    133KB

  • Sample

    241006-kjxr2swenp

  • MD5

    dbc1be4dc13ac07bc86ca11a62ddd960

  • SHA1

    e478065ee922fc4afb0148961a2cfaf701f5b04d

  • SHA256

    36711dad187f0afd4c479dbe9262518accdf96801e03c6797ee1acbd222f20f3

  • SHA512

    ef81b16697c4293742df94ff6d5cdca2c81109588dacab0c62b95497ef07689df7b35933d3227b7741b82df6eefe53b80f3457a9e47351ef5a9c1cd69683a3f6

  • SSDEEP

    3072:6e7WpwYRYUtdtSsBc3wde7WpwYRYUtdtSsBc3wJ:Rq7agcBq7agce

Score
9/10

Targets

    • Target

      36711dad187f0afd4c479dbe9262518accdf96801e03c6797ee1acbd222f20f3N

    • Renames multiple (4334) files with added filename extension

      This suggests ransomware activity: encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
