General

  • Target

    1a9cdeb7ace1976c1829a479aba6a25db3c5502cbfefe9e32f73fe3125ff6904N

  • Size

    85KB

  • Sample

    241020-fj7vssscqp

  • MD5

    8a053ea73fe5dba5f280f3055255d7b0

  • SHA1

    4e2319dfedd7bb9ea8faaab0aa738018cf017c57

  • SHA256

    1a9cdeb7ace1976c1829a479aba6a25db3c5502cbfefe9e32f73fe3125ff6904

  • SHA512

    de3ab8d436949670d65ab28824a6f5606671f8b5f72e638802ba14c6c89dbb5e58b553d32ea6241988b86ac4af9ed9f34af4b54bc4f217ce4a139f490618368a

  • SSDEEP

    1536:CTW7JJ7TTQoQmobr0ARZF6NFVogjQlRv/Lw:hoR8wUhQ7XM

Targets

    • Renames multiple (3302) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15