General

  • Target

    d8edf501ea8572b325766f7c31f97c1720760f3a0b86d0e2042faa7f680c0474N

  • Size

    126KB

  • Sample

    241106-f9vm6avgkc

  • MD5

    2e72b804e135d0b0f2bbeaddd73e3a00

  • SHA1

    9f037526fe8e3f960b603e0ab06dac91fbb253f6

  • SHA256

    d8edf501ea8572b325766f7c31f97c1720760f3a0b86d0e2042faa7f680c0474

  • SHA512

    10cc3c436f04f939260f13533212b462c325a6fbfd763073a17af974a4bc5125320c557d54662602f293286c37cbed41cc0cb2f3e5af3d034ecd548f3eebf2e6

  • SSDEEP

    3072:6e76ynluKtvtte76ynluKtvt0+6V2RuH2j+6V2RuH2I:Reynlua1Ieynlua10+6V2RuH2j+6V2R4

Score
9/10

Targets

    • Renames multiple (4257) files with added filename extension

      This suggests ransomware activity, encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
