General

  • Target

    5788dda9f50daa2d50df58b4248550fa7bc54175388e21bf1c05d78e10002215N

  • Size

    75KB

  • Sample

    241016-tre2mssgmn

  • MD5

    d7058f5b22068b7e9785aae883e58180

  • SHA1

    737d000d13bd873049af4f12f720dcf5e1e79aab

  • SHA256

    5788dda9f50daa2d50df58b4248550fa7bc54175388e21bf1c05d78e10002215

  • SHA512

    1cf760ffaab18be5cb1fbf555bd742ede8d07ffb0986726711dbf093d38dc8e9d40a47d70d99f7ce6690193f81d7514e4ab9a066844acc6325e358abf6b8de17

  • SSDEEP

    768:kBT37CPKKdJJ1EXBwzEXBwdcMcI9Ro+QOViJfo+QOViJqWgBT37CPKKdJJ1EXBwk:CTW7JJ7TPUnW2TW7JJ7TPUnWAYKz

Targets

    • Renames multiple (1053) files with an added filename extension

      This suggests ransomware activity, i.e. the sample encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified UPX variant.