General

  • Target

    9be88edf52d420d4c3df04eb28f3c3b307f58ca59154fa26f6aeaf3a163af814N

  • Size

    137KB

  • Sample

    241018-f3b78szbke

  • MD5

    6f366e35500b3b5d2d431fc64033c980

  • SHA1

    ef61efeaf5e5c6ce4f724c0f46a89334e227f16a

  • SHA256

    9be88edf52d420d4c3df04eb28f3c3b307f58ca59154fa26f6aeaf3a163af814

  • SHA512

    afc0180aff59e74dfced9024be5334c4c50bbc94d96a357ea3574d3881ca82d36ae7d0e9976bf1caa1a5d50a9f01fcc00b51f1f8f541598607d06947be136bd5

  • SSDEEP

    1536:CTWn1++PJHJXA/OsIZfzc3/Q8zxY5gTWn1++PJHJXA/OsIZfzc3/Q8zxY5S:KQSox5IQSox5S

Targets

    • Renames multiple (4189) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified variant of it.
