General

  • Target

    306ae3d5b077ef25843f1e96e183e32bf0932a20f70ab4c62863365467e5888cN

  • Size

    186KB

  • Sample

    241018-fryxvsyfjd

  • MD5

    37843a6aa89728ed2cd6d0e3b01da430

  • SHA1

    c6fde6864af53bd2110452a62cd20eaf457b94f2

  • SHA256

    306ae3d5b077ef25843f1e96e183e32bf0932a20f70ab4c62863365467e5888c

  • SHA512

    188a53545f2da2a8ef7d2aba28498a8aa3e9f3e4742e304e0bba73e5d39b11052fcfaa5e0098b130f63880f03bcc8253337dd91262f31c76b5d1c6d8f25e50fa

  • SSDEEP

    3072:6pWpqHrR9j3NqSGCLOwstyhZFChcssc56FUrgxvbSD4UQrO2o:PkHd9LNtShcHUao

Score
9/10

Targets

    • Renames multiple (3292) files with added filename extension

      This suggests ransomware activity, namely encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
