General

  • Target

    9312d699c11013e30b6814999221a3b620f258376d99067d0a7595bf661bca69N

  • Size

    119KB

  • Sample

    241017-3r9exstbng

  • MD5

    10bbafeb71e478c7b54aeb4878a73630

  • SHA1

    dbab0ca15d9d9dcf1f64a6622b2551dc7ff6ba32

  • SHA256

    9312d699c11013e30b6814999221a3b620f258376d99067d0a7595bf661bca69

  • SHA512

    c9869eae8a817db95ba2df973cef9d869dd8d1e980abfb1575b709b6e4210b95261a22c7348c916022221deafc71834e5eacda433c4edbe0d5a01ccafb807248

  • SSDEEP

    1536:V7Zf/FAxTWoJJ7TUcdf7Zf/FAxTWoJJ7TUcdU:fny1oYny1o9

Targets

    • Renames multiple (309) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
