General

  • Target

    738f7b2a63d7e593967b757322fd861e32753fd1abbb2def8efacb684069f25eN

  • Size

    79KB

  • Sample

    241019-1hnezszhkf

  • MD5

    f0a4b271943571c0478ae9a337d97770

  • SHA1

    e3a90c10af851acdaf1f48915bf9e5023a7778c6

  • SHA256

    738f7b2a63d7e593967b757322fd861e32753fd1abbb2def8efacb684069f25e

  • SHA512

    be039d0ef6ff2800a9dfe1d964db599bed702bc1ba09d4d97fb2eed700e6efed5439886ba8a36836adde986ce683e31593382148d5e3f241704acf87801e063e

  • SSDEEP

    768:kBT37CPKKdJJ1EXBwzEXBwdcMcI9Ro+QOViJfo+QOViJEopodSox/6Sox/9UBT3l:CTW7JJ7TPUTEGTW7JJ7TPUTEA

Targets

    • Renames multiple (330) files with added filename extension

      This suggests ransomware activity, i.e. the sample encrypting all files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified variant of it.
