General

  • Target

    9ae5a388121151a95137facaa7b87adaf6b87142642b1d020680fd0d8eaab4a7

  • Size

    88KB

  • Sample

    241020-aj85zazbql

  • MD5

    111f6241e9bb1ce80eff2c62f2d1d5d9

  • SHA1

    99b7af79dd7179d76d833fea07556beb3ceca62b

  • SHA256

    9ae5a388121151a95137facaa7b87adaf6b87142642b1d020680fd0d8eaab4a7

  • SHA512

    c7329c00f24700c6732c7d9cc3c7bbc7c2ac6f2d3aaa3ccd1bb9c9647dc86c7b585d3e3e54fcffdf61d1d471e3c00b58c85a17021118e13343ddd853a666b6e4

  • SSDEEP

    768:kBT37CPKK1EXBwzEXBw3sgQw58eGkz2rcuesgQw58eGkz2rcu90TKe+0TKeKiwlZ:CTWciVRRNRR3E0TWciVRRNRRR

Malware Config

Targets

    • Renames multiple (4913) files with added filename extension

      This suggests ransomware activity: the sample appears to be encrypting files across the system and appending a new extension to each file it renames.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX variant. A packed sample must be unpacked before its real code can be analysed statically.
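The first signature above fires on a high count of renames where the new name is the old name plus an appended extension. The block below is an added example of that detection heuristic and is not the sandbox's own signature logic: it groups rename events by process, keeps only renames that merely append a suffix, and reports processes whose count crosses a threshold. The RenameEvent fields and the event records are constructed for illustration (the process name sample.exe and the .locked extension are assumptions, not data from this report).

```python
"""Mass-rename heuristic for "renames N files with an added extension".

Added example, not part of the sandbox report. Field names and events below
are constructed; a real sensor (Sysmon, ETW, an EDR) would supply them.
"""
from collections import Counter, defaultdict
from dataclasses import dataclass
from typing import Dict, Iterable, List, Optional, Tuple


@dataclass(frozen=True)
class RenameEvent:
    pid: int
    process: str
    old_path: str
    new_path: str


def appended_extension(old_path: str, new_path: str) -> Optional[str]:
    """Return the suffix if new_path is exactly old_path + ".<ext>", else None.

    A rename that changes the base name (report.docx -> report_final.docx) or
    moves the file into a subdirectory is not an appended extension.
    """
    if not new_path.startswith(old_path):
        return None
    suffix = new_path[len(old_path):]
    if len(suffix) < 2 or suffix[0] != ".":
        return None
    if "\\" in suffix or "/" in suffix:
        return None
    return suffix


def find_mass_renamers(
    events: Iterable[RenameEvent], threshold: int = 50
) -> Dict[Tuple[int, str], Dict[str, int]]:
    """Map (pid, process) -> {extension: count} for processes at or above threshold.

    Ransomware typically uses one extension for every file, so a single
    dominant extension with a large count is the strongest form of this signal.
    """
    per_proc: Dict[Tuple[int, str], Counter] = defaultdict(Counter)
    for ev in events:
        ext = appended_extension(ev.old_path, ev.new_path)
        if ext is not None:
            per_proc[(ev.pid, ev.process)][ext] += 1
    return {
        key: dict(counts)
        for key, counts in per_proc.items()
        if sum(counts.values()) >= threshold
    }


def build_sample_events() -> List[RenameEvent]:
    """Constructed input: one noisy process plus a few benign renames."""
    events = []
    # Hypothetical process appending ".locked" to 60 user documents.
    for i in range(60):
        old = f"C:\\Users\\alice\\Documents\\file{i}.docx"
        events.append(RenameEvent(4242, "sample.exe", old, old + ".locked"))
    # Benign activity: a base-name change and two one-off backup copies.
    events.append(RenameEvent(1001, "explorer.exe",
                              "C:\\Users\\alice\\report.docx",
                              "C:\\Users\\alice\\report_final.docx"))
    events.append(RenameEvent(1001, "explorer.exe",
                              "C:\\Users\\alice\\photo.jpg",
                              "C:\\Users\\alice\\photo.jpg.bak"))
    events.append(RenameEvent(2002, "backup.exe",
                              "D:\\data\\db.sqlite", "D:\\data\\db.sqlite.bak"))
    return events


if __name__ == "__main__":
    for (pid, name), exts in find_mass_renamers(build_sample_events()).items():
        print(f"pid {pid} ({name}) appended extensions: {exts}")
```

The threshold is the tuning knob: backup tools and build systems also append extensions, but rarely to thousands of files from one process in a short window, which is why the sandbox reports the count (4913) alongside the signature.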

MITRE ATT&CK Enterprise v15

Tasks