General

  • Target

    2024-11-04_a925cd24c02dd75fb48c6db87ee43f46_darkside

  • Size

    144KB

  • Sample

    241104-d12c8sshql

  • MD5

    a925cd24c02dd75fb48c6db87ee43f46

  • SHA1

    4c6d15029d1457d011f89b21fc0c61157b13a3b3

  • SHA256

    acff52603661d22885a36c7114be3278aaeecdf06d47ab554fc4173979aa2baf

  • SHA512

    ab4e75139badef3533bff0ea7ca545a11f3833c82bb30e3abaa27841b296962773e745dd96111c06b0a0caac63d16ee41630b0f192c0a3f6187d00e81e81c77f

  • SSDEEP

    3072:IqJogYkcSNm9V7DRrTLdNF+qjFe0qtHWT:Iq2kc4m9tDRZNFDjFed

Malware Config

Targets

    Score
    9/10
    • Renames multiple (5333) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops desktop.ini file(s)

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks