General

  • Target

    0ce6cadb81c4a41fe4f7039096a9e6573354cbf0cc2cf9024d2dcb0f630ba46dN

  • Size

    85KB

  • Sample

    241018-f2j7fsseln

  • MD5

    49005db2ed6a2d771175f1d094484e70

  • SHA1

    a5468e4b296b9409b6bfc73e5c993ebbfd3d2d6b

  • SHA256

    0ce6cadb81c4a41fe4f7039096a9e6573354cbf0cc2cf9024d2dcb0f630ba46d

  • SHA512

    65cde72e5a6b71f1150840ae9a2c84852017dae728a490d9136a2ddc774dbdd0e956144b2d9220b9cc8cf2721d769cbafc9c38a1130e72ef918f20bf1de91235

  • SSDEEP

    768:kBT37CPKKdJJ1EXBwzEXBwdcMcI9woOzOuiJfoOzOuiJfmE2lGZD4TzvPYNWw1Az:CTW7JJ7T4M++I8K/XCKCGSqzVk

Malware Config

Targets

    • Target

      0ce6cadb81c4a41fe4f7039096a9e6573354cbf0cc2cf9024d2dcb0f630ba46dN

    • Renames multiple (3396) files with added filename extension

      This behaviour is consistent with ransomware encrypting the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified variant of it.

MITRE ATT&CK Enterprise v15

Tasks