General

  • Target

    83158d7db5eedd72415871c5fd209f3e926c68b6e92343b79f692b19326a16fcN

  • Size

    131KB

  • Sample

    241006-m1fwzazfnp

  • MD5

    d56a175c6ee3dc4f4b631ab05eef4060

  • SHA1

    adb05714e9ed032b8b5eda620ef5b3c73809c94a

  • SHA256

    83158d7db5eedd72415871c5fd209f3e926c68b6e92343b79f692b19326a16fc

  • SHA512

    e9a01fcd17d5624caef4010b87693af4fc35e442c2ce016291fab1048c4b296414dc2780057e798bd973c3389060f978fdc5bb655021cb9535fc7bdf581c96a3

  • SSDEEP

    1536:CTWn1++PJHJXA/OsIZfzc3/Q8zxY5KwGTWn1++PJHJXA/OsIZfzc3/Q8zxY5Kww:KQSox5KwWQSox5Kww

Malware Config

Targets

    • Renames multiple (4258) files with added filename extension

      This suggests ransomware activity: the sample is encrypting the files on the system and renaming them with an added extension.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks