General

  • Target

    02771f895c24cbd304e5a5cdb339127cd4aeae72040d3e72dd67cf94e54b40b3

  • Size

    41KB

  • Sample

    241112-xt3r9sslek

  • MD5

    86adce41798b759c4214967143bdf35b

  • SHA1

    42081cae9a84ff81829889ff1c6cd40b2d9818d9

  • SHA256

    02771f895c24cbd304e5a5cdb339127cd4aeae72040d3e72dd67cf94e54b40b3

  • SHA512

    e35abfcb2e9b2bf965764c76a4f2e4faa971badcb7260a7a9e2ca104e38a882fd3ba1c3692dd26b0d7fb910c5f97e60f076d0379d0d6eeb42dae94e0650d4793

  • SSDEEP

    768:kBT37CPKKdJJcbQbf1Oti1JGBQOOiQJhATBVBT37CPKKdJJcbQbf1Oti1JGBQOOI:CTW7JJZENTBnTW7JJZENTBJ

Targets

    • Renames multiple (4372) files with added filename extension

      This suggests ransomware activity: the sample appears to be encrypting files across the system and appending an extension to each one.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified variant of it.
