General

  • Target

    5ea76b1beee88c81aab7214ff3f908a9eae79f72f64a4cda4320114eae72ef19

  • Size

    688KB

  • Sample

    241016-xq46xszhpn

  • MD5

    ab1144629f0ee35757f962983342d775

  • SHA1

    82adc4612b2e5565570fc041d3fc6db0046b51a2

  • SHA256

    5ea76b1beee88c81aab7214ff3f908a9eae79f72f64a4cda4320114eae72ef19

  • SHA512

    3407d32789bd499feeb8ca45b0d7c46a0f9dd03e9af35681e39e112110f9306dcdffb6d5031517e5016550e523a987f6c925ece20f21305b52d2d12a2a4dea42

  • SSDEEP

    12288:XAIuZAIuX0D53KoNw+bCUKklI9ufQ2XqJmrsZq4ZiohfzFq6V:q95Nw+bJ3lI9uB/48UbV

Malware Config

Targets

    • Renames multiple (511) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks