General

  • Target

    50606bb909831cf6100daece86eaa5a840b25ef534c28b87e78efda2b0c9e552

  • Size

    130KB

  • Sample

    241019-zymb7a1cnn

  • MD5

    a24b276e570d92423554c11d38b4e637

  • SHA1

    0f8c1e40e19a715bd6a0265baa3192adf05f5d5d

  • SHA256

    50606bb909831cf6100daece86eaa5a840b25ef534c28b87e78efda2b0c9e552

  • SHA512

    e1da0d8e522ca1837e5d2776e53d1429d91d64d7d1fbb3e9f12e0bab8b396ad3edbe660f4fb207d16e29af0ef198d00007d353b43cb5f6523efa6546755985c1

  • SSDEEP

    1536:W7ZhA7dAynMdyGdy7YRY1tvtHrq7ZhA7dAynMdyGdy7YRY1tvtHrG:6e76ynluKtvtHrue76ynluKtvtHrG

Score
9/10

Targets

    • Renames multiple (4564) files with added filename extension

      This suggests ransomware activity, namely encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
