General

  • Target

    a56d91dfc5cf1572f0885313a1b6def0bd258c3b04550bc9eb1769886e73a00a

  • Size

    102KB

  • Sample

    241018-by3r6sydlh

  • MD5

    352dab960d498cd04a05698c1a143e28

  • SHA1

    3859491aa4e4c48a75051bca725130283f4002d0

  • SHA256

    a56d91dfc5cf1572f0885313a1b6def0bd258c3b04550bc9eb1769886e73a00a

  • SHA512

    5dc28a39814d8ec510a489ab87d1800d936ae97d49b983dba6358c68e60f2c384ced98669aaeda4a204fc909fc52df54edfb11b04872b83ef1a951aa57571e0d

  • SSDEEP

    768:V7Blpf/FAK65euBT37CPKKQSjyJJ1EXBwzEXBwdcMcI9nPI7Blpf/FAK65euBT3B:V7Zf/FAxTWoJJ7Tq7Zf/FAxTWoJJ7Tx

Malware Config

Targets

    • Renames multiple (4209) files with added filename extension

      This suggests ransomware activity, encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
