General

  • Target

    2779f8060c65e04d8e6648a50057f5cc3c24a3af6465ed4c3dba9292ebd94065N.exe

  • Size

    128KB

  • Sample

    241114-d2hmhsxngp

  • MD5

    9c4ba1e41a75586673b43f9d14e160e0

  • SHA1

    e476f6264675c9505f38d919aa4e7cf22cb857d9

  • SHA256

    2779f8060c65e04d8e6648a50057f5cc3c24a3af6465ed4c3dba9292ebd94065

  • SHA512

    0559e61cf6b622f4721d19991a28f1fd109a32afb660077821901705c4f0000979ceac37277f5acd2cd5394cec45df882497d7fee78df077bf0aef043a1eef0e

  • SSDEEP

    1536:V7Zf/FAxTWbiVRRNRR3EBb6TWciVRRNRR3EBbmeK:fnyFRrRCRrRTeK

Targets

    • Renames multiple (1837) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
