General

  • Target

    0dc1b785fec39e687e8302a4a207dbcf1c50b8425ec64a10952e9df32372a306

  • Size

    41KB

  • Sample

    241112-ychansspgj

  • MD5

    e6a4179e28b0033fa0b333cb8c8a7aca

  • SHA1

    b9b56780963280cab00408672851623eb416acc1

  • SHA256

    0dc1b785fec39e687e8302a4a207dbcf1c50b8425ec64a10952e9df32372a306

  • SHA512

    7d55e3b92ea6ce7ff55eb2170323b2953290911f30cecda3b6433cf0032be73ccffd37602927a34d2242b9db8c57f21fa091076650acb1da12d0897f9631737a

  • SSDEEP

    768:kBT37CPKKdJJcbQbf1Oti1JGBQOOiQJhATB+BT37CPKKdJJcbQbf1Oti1JGBQOOw:CTW7JJZENTBsTW7JJZENTBV

Targets

    • Target

      0dc1b785fec39e687e8302a4a207dbcf1c50b8425ec64a10952e9df32372a306

    • Renames multiple (4112) files, adding a filename extension

      This suggests ransomware activity: encrypting all files on the system and marking each with a new extension.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX variant.

MITRE ATT&CK Enterprise v15