General

  • Target

    f244231a971de671a298b69d992ecd007a0bd2f032b7411266d3570608dd148e

  • Size

    116KB

  • Sample

    241018-fa9m2a1bmj

  • MD5

    6189d52bebd7c71161b0af5b85023db4

  • SHA1

    3d114478369b49eebc4aa79b0f23d36dcd51402f

  • SHA256

    f244231a971de671a298b69d992ecd007a0bd2f032b7411266d3570608dd148e

  • SHA512

    a89dea02de678d791170ed5afcee59d9e3b6291fc4d50d29b57565e64853f8cb3db434f95255bf4e54c723c46f238a47742617d57df5f05948e5b4839450bf6d

  • SSDEEP

    1536:V7Zf/FAxTWoJJ7TyGsGJKnrf7Zf/FAxTWoJJ7TyGsGJKnrF:fny1XKxny1XKZ

Targets

    • Renames multiple (4825) files with added filename extension

      Bulk renaming of files with an appended extension is the typical footprint of ransomware encrypting files on the system; 4825 renames in a single sandbox run is far beyond what benign software does. The appended extension itself, and any ransom note dropped alongside the renamed files, are the first indicators to pull from the run.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX build. Packing hides the real code and imports from static scanning, so unpack the sample (or dump it from memory after it unpacks itself) before static analysis; a modified UPX may defeat the stock `upx -d`.

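The mass-rename signature above is a count of files that gained a new extension during the run. The following is an added example, not the sandbox's own detection logic: a small scanner that reproduces the same idea on a directory listing, counting files whose name ends in a document extension followed by one more, unknown, extension, and flagging the host when that count passes a threshold. The extension list and the threshold are constructed defaults, not values from the report.

```python
import os
from collections import Counter
from pathlib import PurePath

# Extensions ransomware typically targets. Illustrative set, not taken from
# the report; extend it for your environment.
DOCUMENT_EXTENSIONS = {
    ".doc", ".docx", ".xls", ".xlsx", ".ppt", ".pptx", ".pdf",
    ".txt", ".jpg", ".png", ".zip", ".sql", ".db",
}


def appended_extension(filename):
    """Return the extension appended to an otherwise ordinary filename.

    'report.docx.locked' -> '.locked'; 'report.docx' -> None.
    A second extension that is itself a normal document extension
    (e.g. 'photo.jpg.png') is not treated as appended.
    """
    parts = filename.split(".")
    if len(parts) < 3:
        return None
    original_ext = "." + parts[-2].lower()
    appended = "." + parts[-1]
    if original_ext in DOCUMENT_EXTENSIONS and appended.lower() not in DOCUMENT_EXTENSIONS:
        return appended
    return None


def summarize_renames(paths, threshold=100):
    """Count files carrying an appended extension, grouped by that extension.

    Returns the total, the per-extension counts, and whether the total
    reaches the alerting threshold (a constructed default; tune per host).
    """
    counts = Counter()
    for path in paths:
        ext = appended_extension(PurePath(path).name)
        if ext is not None:
            counts[ext] += 1
    total = sum(counts.values())
    return {
        "total": total,
        "by_extension": dict(counts),
        "suspicious": total >= threshold,
    }


def scan_directory(root, threshold=100):
    """Walk a directory tree and apply summarize_renames to every file in it."""
    paths = (os.path.join(dirpath, name)
             for dirpath, _, names in os.walk(root)
             for name in names)
    return summarize_renames(paths, threshold)


if __name__ == "__main__":
    # Constructed file list standing in for a post-infection directory listing.
    sample = (
        [f"C:/Users/victim/Documents/report{i}.docx.locked" for i in range(5)]
        + [f"C:/Users/victim/Pictures/img{i}.jpg.locked" for i in range(3)]
        + ["C:/Users/victim/notes.txt", "C:/Users/victim/photo.jpg.png",
           "C:/Users/victim/archive.tar.gz"]
    )
    print(summarize_renames(sample, threshold=5))
```

Grouping by appended extension matters: one extension on thousands of files points at a single encryptor, and the extension string is a cheap pivot for hunting other hosts. Expect noise from backup tools that append `.bak` or timestamps; the threshold, not the pattern alone, is what separates those from a run like this one.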
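To reproduce the UPX verdict on a copy of the sample without relying on the sandbox, the following added example (not the sandbox's own signature) parses just enough of the PE header to list section names and looks for the two cheapest static UPX indicators: the default `UPX0`/`UPX1`/`UPX2` section names and the `UPX!` magic that UPX writes into its packed-file info block. `build_sample_pe` constructs a headers-only PE image for offline testing; it is not the file from this report.

```python
import struct

# Section names UPX uses by default. A repacked or modified UPX build can
# rename them, so their absence is not proof of an unpacked binary.
UPX_SECTION_NAMES = {"UPX0", "UPX1", "UPX2"}


def pe_section_names(data):
    """Parse the PE header far enough to return the section names in order."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not a DOS/PE image")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    coff = e_lfanew + 4                                   # IMAGE_FILE_HEADER
    (num_sections,) = struct.unpack_from("<H", data, coff + 2)
    (opt_size,) = struct.unpack_from("<H", data, coff + 16)
    table = coff + 20 + opt_size                          # first IMAGE_SECTION_HEADER
    names = []
    for i in range(num_sections):
        off = table + 40 * i
        raw = data[off:off + 8]
        if len(raw) < 8:
            raise ValueError("section table truncated")
        names.append(raw.split(b"\0", 1)[0].decode("ascii", "replace"))
    return names


def upx_indicators(data):
    """Collect the cheapest static UPX indicators for a PE file."""
    names = pe_section_names(data)
    return {
        "section_names": names,
        "upx_sections": [n for n in names if n in UPX_SECTION_NAMES],
        # UPX stores a "UPX!" magic in its packed-file info block.
        "upx_magic": b"UPX!" in data,
    }


def looks_upx_packed(data):
    ind = upx_indicators(data)
    return bool(ind["upx_sections"]) or ind["upx_magic"]


def build_sample_pe(section_names, trailer=b""):
    """Constructed minimal PE image (headers only, not loadable) for testing."""
    e_lfanew = 0x40
    dos = bytearray(e_lfanew)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, e_lfanew)
    optional = bytes(224)                                  # PE32 optional header size
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0,
                       len(optional), 0x010F)
    sections = b"".join(n.encode("ascii").ljust(8, b"\0") + bytes(32)
                        for n in section_names)
    return bytes(dos) + b"PE\0\0" + coff + optional + sections + trailer


if __name__ == "__main__":
    import sys
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as fh:
            data = fh.read()
    else:
        data = build_sample_pe(["UPX0", "UPX1", ".rsrc"], b"UPX!")
    print(upx_indicators(data))
    print("UPX indicators present" if looks_upx_packed(data) else "no UPX indicators")
```

Run it as `python upxcheck.py sample.exe` on the file whose SHA256 matches the report. Both indicators are trivially removable by a modified packer, which is exactly why the report's signature says "UPX/modified UPX"; treat a clean result here as "stock UPX not found", not "not packed", and fall back to section entropy or a memory dump after execution.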