General

  • Target

    869d2a864031f287deca40722bfc6a9b2da58d6457529dbb32e1463670289104

  • Size

    63KB

  • Sample

    241018-amn9zaxfrr

  • MD5

    027ca680ac517780e6104dd49a5b8aa9

  • SHA1

    26223dea36da6c067ff750e9f8a4ee7e415903aa

  • SHA256

    869d2a864031f287deca40722bfc6a9b2da58d6457529dbb32e1463670289104

  • SHA512

    abf6c8e90bb3d14d8d46e367a4a4f2c89652b2b3a1055f67f4d0cc7f88f40ab191f7430dc35c29379a5ebf336272765b0bbaa230bc61ac6dea946c9b300f7a43

  • SSDEEP

    768:kBT37CPKKdJJ1EXBwzEXBwdcMcI9woOzOuiJfoOzOuiJf7LBT37CPKKdJJ1EXBwt:CTW7JJ7T4MqTW7JJ7T4Md

Malware Config

Targets

    • Renames multiple (4072) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks