General

  • Target

    202f92992719881874a599d64517725cb25009d7991e3b06b62fe9a10bff0cf2

  • Size

    228KB

  • Sample

    241016-xvgw7a1bpm

  • MD5

    79d128f40ed98b0858216347e81581c0

  • SHA1

    94444c008ac3fc5d143f4d47c435a9417a274eff

  • SHA256

    202f92992719881874a599d64517725cb25009d7991e3b06b62fe9a10bff0cf2

  • SHA512

    734a748ab753bdf3f276e55b3f3803cd064121e7d75433535a082abfbe1899c0827c8b35aa6e021b883828c4b1bc2063d768d4450c9c67161c58a65c8d4c5e75

  • SSDEEP

    3072:KQSodYeHNmkDxfIyKoIWbsHfySkT5GeCyi348oWGRPOzkjId6q8UdrSD+kCoIfLO:KQSodYeHNmB9KN4ShcHUaG

Targets

    • Renames multiple (506) files with added filename extension

      This suggests ransomware activity: encrypting all files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified UPX variant.
