General

  • Target

    adca6d7c012cdc686c3a10659ea0760f5ff904053c80671269795aaf2b8f6a52.exe

  • Size

    22KB

  • Sample

    241111-fxxa8atdkl

  • MD5

    759c4fdfbdedb36d42973cd355ae1dad

  • SHA1

    c94830d8330012aec8c8cb2276d936fd94fd9eb9

  • SHA256

    adca6d7c012cdc686c3a10659ea0760f5ff904053c80671269795aaf2b8f6a52

  • SHA512

    99a3d10b6e720f3dc3c1fb6e6103786fc291e1ba57b2dd54081ed6903cf2fa1a9c73294eb5a88b0f7cd5631061a997b2ee5d1337baec74522485521125d5c854

  • SSDEEP

    384:/QkZbV8i+fIZFQyZpz0q7bYKkxRjK36ct14yvXbB75z62A1aNJawcudoD7UgKDgu:YGcAPQIpz0Mb18Kdt14yvLhlConbcuyg

Malware Config

Targets

    • Deletes shadow copies

      Ransomware often targets backup files to inhibit system recovery.

    • Disables RegEdit via registry modification

    • Modifies Windows Firewall

    • Possible privilege escalation attempt

    • Modifies file permissions

    • File and Directory Permissions Modification: Windows File and Directory Permissions Modification

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks