General

  • Target

    cce31319d8b9ee387c1d009683e5fdfd951cb7d43064fde11b62cca29429a604.exe.bin

  • Size

    585KB

  • Sample

    241105-mntbjaskcl

  • MD5

    2f08b210a2574a5a1d14fda3ec2fa377

  • SHA1

    281e8ce64215e0a7a14e8cc6b9e197838eeb397d

  • SHA256

    cce31319d8b9ee387c1d009683e5fdfd951cb7d43064fde11b62cca29429a604

  • SHA512

    8d3a9a55ce131e42492ad4040b151d5df280fc6d11a66c4fa36dcfde35613211e43cb320e5b076469e9d5411f959e694ab6af661122adfff0f14976544d12394

  • SSDEEP

    12288:G2Ec0y33mLPJHqR+gq6UlLs6lt3Gje5qeR83ZAukpzchqiE4:gJHsw6UlA6TU1e83qj4hZ

Malware Config

Targets

    • Deletes shadow copies

      Ransomware often targets backup files to inhibit system recovery.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Credentials from Password Stores: Windows Credential Manager

      Suspicious access to Credentials History.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

MITRE ATT&CK Enterprise v15

Tasks