General

  • Target

    33f30b2f6c9ddf765aa4cd2e211e3ca91a44dd0d5f6ec5bd8160522329361d19.exe

  • Size

    409KB

  • Sample

    241112-gxmx8awhme

  • MD5

    e217bfaf7268a64e76aa362a178cdb7d

  • SHA1

    6411c98d74d322ff1f091d24a3e862628f4bf135

  • SHA256

    33f30b2f6c9ddf765aa4cd2e211e3ca91a44dd0d5f6ec5bd8160522329361d19

  • SHA512

    a10dc8f687ff9c370c71343073743015db9d4030fd2553c8def749af8a0c55e7c76a8ad5f47086c499c60b043c62d181b41e39ae79ddfd262d4c14607cf78ca8

  • SSDEEP

    6144:PDbV8nnT21rbgeYyKDHmsuIma8ZoV+PuSrRbp8awaHSjJZYTfHu:PDZ8nndDHmxmV+zr/8aOEu

Malware Config

Targets

    • Target

      33f30b2f6c9ddf765aa4cd2e211e3ca91a44dd0d5f6ec5bd8160522329361d19.exe

    • Renames multiple (256) files with added filename extension

      This suggests ransomware activity, i.e. encrypting all the files on the system.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar items.

MITRE ATT&CK Enterprise v15

Tasks