General

  • Target

    ef661bab1e3f924c24210481a2b96225d76d0d149b1aed12eaf77e3884952111N

  • Size

    660KB

  • Sample

    241105-s5fdwswpak

  • MD5

    68e983283c160e0dba070a0679cdff50

  • SHA1

    fe8b110010d647c97399cc88b24c560f276506ce

  • SHA256

    ef661bab1e3f924c24210481a2b96225d76d0d149b1aed12eaf77e3884952111

  • SHA512

    e88ed94e123be8f741830976394f55e1c7e06f2b54f41001ce46367fd2350366eb3a86c23f396f77d370b578a75598162286807dbdc7503d6dffcfcea24b7a91

  • SSDEEP

    12288:NnX1nD53KoNw+bCUKklI9ufQ2XqJmrsZq4ZiomfzF1l:NnX1n95Nw+bJ3lI9uB/483N

Score
9/10

Targets

    • Renames multiple (3221) files with added filename extension

      This suggests ransomware activity, i.e. encryption of all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
