General

  • Target

    dfba8338c3941517c1272ee379e101124dbed47a714c4797335e985ba756113bN

  • Size

    152KB

  • Sample

    241020-apnq8axhjc

  • MD5

    390a91afaa4c27ea3317933a79b9ae50

  • SHA1

    49748a8c0b7f93c7a8433ac7d43bdf56d568cf3f

  • SHA256

    dfba8338c3941517c1272ee379e101124dbed47a714c4797335e985ba756113b

  • SHA512

    feb6c693b8c0a288a2e23c9784c8209c86583cf086c1230e29e57c378703dcdfb14e7fbbbbcfefb0f0e86f7a782df8335d9974fa0b2c8f7689c571230d27475a

  • SSDEEP

    3072:9QWp4z1QWp4z7EhLfyBtPf50FWkFpPDze/qFsxEhLfyBtPf50FWkFpPDze/qFst:LaI

Score
9/10

Targets

    • Target

      dfba8338c3941517c1272ee379e101124dbed47a714c4797335e985ba756113bN

    • Renames multiple (4154) files with added filename extension

      This suggests ransomware activity, in which all the files on the system are encrypted.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
