General

  • Target

    395dd5092e22b9ade93146c4c88590bd769ff284a3312b4f6fffa305f436eac8N

  • Size

    606KB

  • Sample

    241020-helswathnf

  • MD5

    9fc9a10d141930e6c7970e911630c450

  • SHA1

    22ba0aa29bce503808a63135238ea19208680bcc

  • SHA256

    395dd5092e22b9ade93146c4c88590bd769ff284a3312b4f6fffa305f436eac8

  • SHA512

    91c6f073c7919da7e093e54a6536ed4fcdb140f12dbe1347a3c3d19ca427d82ba5e81ec885d80f35845968066254913ac441dbd52f7a6857e4c3b62077ae1176

  • SSDEEP

    1536:V7Zf/FAxTWbiVRRNRROHrNOPLeMS+YanjU8YKLGPavsH5d6mFUejEdH1v6H1wH1t:fnyFRrRgxOeORYX3FFodVv6VwVIu8X5S

Targets

    • Renames multiple (1232) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX.
