General

  • Target

    6d67bd1671a472c00e3a397b1bb071f42f9e7d6af09d4073d06e616bf64b8778.exe

  • Size

    58KB

  • Sample

    241119-wrszlsyrax

  • MD5

    ee6ed022b6e01909487fcdaf3d047f34

  • SHA1

    87b542395fd19a87c2fb3ddb1ca5d27915d8bd5e

  • SHA256

    6d67bd1671a472c00e3a397b1bb071f42f9e7d6af09d4073d06e616bf64b8778

  • SHA512

    5ccce1d9f7b8db61d764b26897cab9e7a7ab9bf604c5b784b625ec272b16cde1d4569b9e9845cb130a9e22ec21b460c966c115f20f8a81361f38fdc6b39195f7

  • SSDEEP

    768:V7Blpf/FAK65euBT37CPKKQSjyJJcbQbf1Oti1JGBQOOiQJhATBHfBo8o3PV15RF:V7Zf/FAxTWoJJZENTBHfiP3zF

Targets

    • Target

      6d67bd1671a472c00e3a397b1bb071f42f9e7d6af09d4073d06e616bf64b8778.exe

    • Renames multiple (2757) files with added filename extension

      This suggests ransomware activity, namely encrypting all the files on the system.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
