General

  • Target

    bf5b495ec609c21bfb82d55009d518bef2afd4f50c25e4f59fe0b10b90d96444N

  • Size

    121KB

  • Sample

    241020-f1ycpatblr

  • MD5

    e7454891e2764f39cbe1e7f24cd24230

  • SHA1

    b5630b93948d4e64c8bf6cb1db0fa8aa7b858841

  • SHA256

    bf5b495ec609c21bfb82d55009d518bef2afd4f50c25e4f59fe0b10b90d96444

  • SHA512

    612553563f31c9852cbb0dd73ac1972d980e07d2dc6ad93ec9c8f33aada4a848649224a4977e3dc831f6d6409f1d426c178fcbf1ce65b62270a004cc2685066d

  • SSDEEP

    1536:V7Zf/FAxTWoJJ7TUcdF7Zf/FAxTWoJJ7TUcdb:fny1oGny1ou

Targets

    • Renames multiple (271) files with added filename extension

      Renaming 271 files by appending an extension to each original name is the pattern ransomware leaves when it encrypts files across the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • UPX packed file

      The executable is packed with UPX or a modified build of the open-source UPX packer.
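The two signatures that carry a description above, the mass rename with an appended extension and the UPX packing check, can be re-derived from raw sandbox data. The block below is an added example written for this page, not the sandbox's own rule engine: the rename-event format, the detection threshold of 50, the `.locked` extension, the pid values and the header-only PE stub are all constructed assumptions, and the UPX check is the usual heuristic (UPX0/UPX1 section names, falling back to the `UPX!` header magic that renamed-section builds tend to keep).

```python
import struct
from collections import Counter
from dataclasses import dataclass
from typing import List, Optional, Sequence, Tuple


@dataclass(frozen=True)
class RenameEvent:
    """A file-rename record as a sandbox might log it (field layout is an assumption)."""
    pid: int
    src: str
    dst: str


def added_extension(src: str, dst: str) -> Optional[str]:
    """Return the extension if dst is exactly src with one '.ext' appended, else None."""
    if len(dst) <= len(src) or not dst.startswith(src):
        return None
    tail = dst[len(src):]
    # one appended extension: starts with '.', contains no further dots or path separators
    if tail[0] == "." and len(tail) > 1 and not any(c in tail[1:] for c in ".\\/"):
        return tail
    return None


def appended_extension_renames(events: Sequence[RenameEvent],
                               threshold: int = 50) -> Optional[Tuple[str, int]]:
    """Count renames that only append an extension; report the dominant extension
    once it reaches the threshold (threshold value is an assumption)."""
    counts: Counter = Counter()
    for ev in events:
        ext = added_extension(ev.src, ev.dst)
        if ext is not None:
            counts[ext] += 1
    if not counts:
        return None
    ext, n = counts.most_common(1)[0]
    return (ext, n) if n >= threshold else None


def pe_section_names(data: bytes) -> List[str]:
    """Minimal PE section-table walk: MZ -> e_lfanew -> 'PE\\0\\0' -> COFF header -> section headers."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return []
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return []
    coff = e_lfanew + 4
    (n_sections,) = struct.unpack_from("<H", data, coff + 2)   # NumberOfSections
    (opt_size,) = struct.unpack_from("<H", data, coff + 16)    # SizeOfOptionalHeader
    table = coff + 20 + opt_size                               # COFF header is 20 bytes
    names = []
    for i in range(n_sections):
        off = table + 40 * i                                   # IMAGE_SECTION_HEADER is 40 bytes
        if off + 40 > len(data):
            break
        names.append(data[off:off + 8].rstrip(b"\0").decode("ascii", "replace"))
    return names


def is_upx_packed(data: bytes) -> bool:
    """Stock UPX names its sections UPX0/UPX1; modified builds often rename them
    but usually keep the 'UPX!' magic of the packer header."""
    if any(n.startswith("UPX") for n in pe_section_names(data)):
        return True
    return b"UPX!" in data


def build_stub_pe(section_names: Sequence[str]) -> bytes:
    """Constructed input: a header-only PE carrying the given section names (not runnable code)."""
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)        # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, 0, 0x102)
    sections = b"".join(name.encode("ascii").ljust(8, b"\0") + b"\0" * 32
                        for name in section_names)
    return dos + b"PE\0\0" + coff + sections


def constructed_events(n: int = 271, ext: str = ".locked") -> List[RenameEvent]:
    """Constructed rename log: n mass renames appending one extension plus two benign renames."""
    evs = [RenameEvent(4012, f"C:\\Users\\victim\\Documents\\report{i}.docx",
                       f"C:\\Users\\victim\\Documents\\report{i}.docx{ext}") for i in range(n)]
    evs.append(RenameEvent(820, r"C:\Users\victim\draft.tmp", r"C:\Users\victim\draft.docx"))
    evs.append(RenameEvent(820, r"C:\Users\victim\notes.txt", r"C:\Users\victim\notes.txt.bak"))
    return evs


if __name__ == "__main__":
    print(appended_extension_renames(constructed_events()))           # (".locked", 271)
    print(is_upx_packed(build_stub_pe(["UPX0", "UPX1", ".rsrc"])))    # True
    print(is_upx_packed(build_stub_pe([".text", ".data", ".rsrc"])))  # False
```

The rename check deliberately ignores renames that change the name in any other way (`draft.tmp` to `draft.docx`) and only fires when a single appended extension dominates, which is what separates an encryptor's sweep from ordinary backup or save-as activity. The section-name test alone misses repacked or section-renamed UPX, which is why the signature on the page says "UPX/modified UPX"; the magic-string fallback narrows that gap but a packer that also strips the `UPX!` marker needs entropy or unpacking-stub analysis instead.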
