General

  • Target

    fdef5d5b65f32f6dc538ce58f9a2a09af43d05e2ec94e2925a6a2d9b73aa3dd7

  • Size

    120KB

  • Sample

    241114-fatltayjhm

  • MD5

    0d97ba622ccdec553460b0869c31ff7e

  • SHA1

    6bb9b84f713a67c7a051116bf38901a4c0b1d213

  • SHA256

    fdef5d5b65f32f6dc538ce58f9a2a09af43d05e2ec94e2925a6a2d9b73aa3dd7

  • SHA512

    2c7378bb4c29ce30af963070a28558815c30c55b1473014a94ec1ebb3351e43ae1a3bd34c52ec8a29392c7fc4b4c0c7bf125b24941e0cbc35d6d73e0192f1dd6

  • SSDEEP

    1536:W7ZhA7dAynMdyGdy7YRY1tvtv+I8K/XCKCGSqzVY:6e76ynluKtvtv+ufC58q

Score
9/10

Malware Config

Targets

    • Renames multiple (3438) files with added filename extension

      This suggests ransomware activity: encrypting all of the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks