General

  • Target

    6466617bf56679e803081cdc6a8e52db0fd01e33d99dbb6e92a69c19fdf42971N

  • Size

    201KB

  • Sample

    241006-nf88fswapc

  • MD5

    ad9d83ea77fdac1e2d6590cd5109c7a0

  • SHA1

    12959c721942f39f75d03db6d08fa7631ce42bb7

  • SHA256

    6466617bf56679e803081cdc6a8e52db0fd01e33d99dbb6e92a69c19fdf42971

  • SHA512

    bebba937bb99af6cefdf6e76b021036874c4f17418ad12007a92d74d783daa26e0d10c9f59b005865c4f67ec73beb02b9c8c782e54d59f395713fa9da68a9225

  • SSDEEP

    1536:V7Zf/FAxTWoJJ7TTQoQIRUTW7JJ7TTQoQIRf7Zf/FAxTWoJJ7TTQoQIRUTW7JJ7b:fny1oRIR7oRIRdny1oRIR7oRIRt

Targets

    • Renames multiple (249) files with added filename extension

      This suggests ransomware activity, namely encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
