General

  • Target

    6bf8b1d538486036fbf246aa467667a73e1c15e5a162b48191045a4272c6bc56N

  • Size

    77KB

  • Sample

    241018-brerrs1cjp

  • MD5

    53ad0f716a0e489d32b40e83b2e63870

  • SHA1

    b2f449f8dc2abc0ec7063de5225b6ec4247181e2

  • SHA256

    6bf8b1d538486036fbf246aa467667a73e1c15e5a162b48191045a4272c6bc56

  • SHA512

    98b4d79f8a854dec211e980c0dd15e1275b775f730a6e141d5e5904acc8b017cd378fe5b737e6052a9413f772d53259eb501871dadb5cf4636e4af3bd9f0e0f0

  • SSDEEP

    1536:CTW7JJZENTBHfiPR7C5C7C53TW7JJZENTBHfiPR7C5C7C5e:htE0tEK

Targets

    • Renames multiple (4277) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
