General

  • Target

    d4d259bff9074baea7c00ae06870463b01873ef2c0bc034aab37274c58ccf8b8N

  • Size

    87KB

  • Sample

    241017-2x23cs1fra

  • MD5

    ac5dde6178c42e50fe58374997a48d00

  • SHA1

    0d65c165f79aa6a386b10239b0c8240f3157c310

  • SHA256

    d4d259bff9074baea7c00ae06870463b01873ef2c0bc034aab37274c58ccf8b8

  • SHA512

    387c32be1933c6fd506309744e8b3fdf14813b3203a37aa772c37eaa50edbd1900cd36b9e0383d95706f56c6ca8b9685efd112c8b927c90a811c256ddbf0bd44

  • SSDEEP

    1536:CTW7JJ7TPUnWEUT2UTvTW7JJ7TPUnWEUT2UTZKo:hzUFUT2UT4zUFUT2UTZKo

Malware Config

Targets

    • Target

      d4d259bff9074baea7c00ae06870463b01873ef2c0bc034aab37274c58ccf8b8N

    • Renames multiple (4412) files with added filename extension

      Thousands of existing files were renamed to their original name plus an appended extension. This pattern is consistent with ransomware encrypting the files on the system and marking each encrypted file with a new extension.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX variant. Packing compresses and obscures the real code, so static signatures should be checked against the unpacked image.
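A detection for the first signature above, added here as an example and not taken from the sandbox report: given file-rename events, it flags any process that renames many files to their original name plus an appended extension, the pattern the report observed 4412 times for this sample. The event tuples, the process names and the `.locked` extension are constructed sample data, and the three-field (process, old path, new path) shape is an assumed simplification of real rename telemetry such as Sysmon or EDR file events.

```python
"""Flag ransomware-style mass renames: original filename + appended extension.

Added example, not code from the sandbox report. The event schema is an
assumed simplification of real file-system telemetry.
"""
from collections import defaultdict
from pathlib import PureWindowsPath

# Constructed sample events: (process image name, old path, new path).
# Four renames by payload.exe append ".locked"; the other two are benign renames.
SAMPLE_EVENTS = [
    ("payload.exe", r"C:\Users\bob\Documents\q1.xlsx", r"C:\Users\bob\Documents\q1.xlsx.locked"),
    ("payload.exe", r"C:\Users\bob\Documents\notes.docx", r"C:\Users\bob\Documents\notes.docx.locked"),
    ("payload.exe", r"C:\Users\bob\Pictures\cat.jpg", r"C:\Users\bob\Pictures\cat.jpg.locked"),
    ("payload.exe", r"C:\Users\bob\Pictures\dog.png", r"C:\Users\bob\Pictures\dog.png.locked"),
    ("explorer.exe", r"C:\Users\bob\Desktop\draft.txt", r"C:\Users\bob\Desktop\final.txt"),
    ("WINWORD.EXE", r"C:\Users\bob\Documents\~WRL0001.tmp", r"C:\Users\bob\Documents\report.docx"),
]


def added_extension(old_path, new_path):
    """Return the appended extension (with its dot) when the new name is exactly
    the old name plus '.<something>' in the same directory; otherwise None.

    A rename that changes the base name, moves the file to another directory,
    or only appends a bare dot does not count.
    """
    old, new = PureWindowsPath(old_path), PureWindowsPath(new_path)
    if old.parent != new.parent:          # PureWindowsPath compares case-insensitively
        return None
    prefix = old.name.lower() + "."
    if new.name.lower().startswith(prefix) and len(new.name) > len(prefix):
        return new.name[len(old.name):]   # e.g. ".locked"
    return None


def detect_mass_rename(events, threshold=3):
    """Count appended-extension renames per (process, extension) and return
    the pairs at or above the threshold as {(process, ext): count}.

    The threshold is low here to suit the constructed sample; against live
    telemetry it should be tuned per time window (the report's sample hit 4412).
    """
    counts = defaultdict(int)
    for proc, old, new in events:
        ext = added_extension(old, new)
        if ext is not None:
            counts[(proc, ext.lower())] += 1
    return {key: n for key, n in counts.items() if n >= threshold}


if __name__ == "__main__":
    for (proc, ext), n in detect_mass_rename(SAMPLE_EVENTS).items():
        print(f"ALERT: {proc} appended {ext} to {n} files")
```

Keying the count on the appended extension as well as the process keeps a single ransomware extension distinct from ordinary tooling that renames files for unrelated reasons, and the same-directory check stops backup or sync software that moves files with a suffix from tripping the rule.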

MITRE ATT&CK Enterprise v15