General

  • Target

    4c2a4cb8de17823dd31d38486c8e7ae4f1af3638aa28ab6be073b443612abb4aN

  • Size

    22KB

  • Sample

    241111-p4sq2symas

  • MD5

    b78ed0c765a716b22e5c4a7bea4009f0

  • SHA1

    fcfd950657d2d6d8eb7cd1ae69042c18bc36907b

  • SHA256

    4c2a4cb8de17823dd31d38486c8e7ae4f1af3638aa28ab6be073b443612abb4a

  • SHA512

    7b3c18d523c810a93482c45e1acd74e9ffa76f94d9f0c2906f82cb844135426260b190c2bc4c103960ad65a1ba9e57609837a22f3d73c745212737dfdcd4c4b9

  • SSDEEP

    384:/QkZbV8i+fIZFQyZpz0q7bYKkxRjK36ct14yvXbB75z62A1aNJawcudoD7UgKDgZ:YGcAPQIpz0Mb18Kdt14yvLhlConbcuyX

Malware Config

Targets

    • Target

      4c2a4cb8de17823dd31d38486c8e7ae4f1af3638aa28ab6be073b443612abb4aN

    • Deletes shadow copies

      Ransomware often targets backup files to inhibit system recovery.

    • Disables RegEdit via registry modification

    • Modifies Windows Firewall

    • Possible privilege escalation attempt

    • Modifies file permissions

    • File and Directory Permissions Modification: Windows File and Directory Permissions Modification

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified variant of it.

MITRE ATT&CK Enterprise v15

Tasks