General

  • Target

    ee8d2e365f1fab87485d5020e6061253c9a06cf6032249e29c0567fa3db5f1e5

  • Size

    103KB

  • Sample

    241112-e8pj3svgle

  • MD5

    78051c3a294c888ea5c1d2a3e9fac373

  • SHA1

    d15d4711dcb0ee6bd62256a11326b4ed9bfddace

  • SHA256

    ee8d2e365f1fab87485d5020e6061253c9a06cf6032249e29c0567fa3db5f1e5

  • SHA512

    7839a28374b9b56ec8247efbeb3a76dff5d22ced3f6e2bbca97be698fbf1a9abc96c6d0b34b97982714e0a6bbd5d1de8c8762135b8dd6608d4f52f0be2bd5885

  • SSDEEP

    768:kBT37CPKK1EXBwzEXBw3sgQw58eGkz2rcuesgQw58eGkz2rcu90TKe+0TKeKiwlc:CTWciVRRNRR3EBbMTWciVRRNRR3EBbH

Targets

    • Target

      ee8d2e365f1fab87485d5020e6061253c9a06cf6032249e29c0567fa3db5f1e5

    • Renames multiple (3388) files with added filename extension

      This suggests ransomware activity, namely encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
