General

  • Target

    dbafd87256b0f88dfd98395742c85cbc23239f8d41592f9d71169a7c81c63335.exe

  • Size

    112KB

  • Sample

    241119-znwswaskdv

  • MD5

    2308d56767bad4daf931d9c0af95003f

  • SHA1

    a08db0beb45a19cc2c24fdf0377b7bfc294cbbb9

  • SHA256

    dbafd87256b0f88dfd98395742c85cbc23239f8d41592f9d71169a7c81c63335

  • SHA512

    7307e0f901deffa8cb52622ca9600c65762dd2c0b4873be3290de589f1ee34055f5566861e9eb8dec22c7be7b772dd0c12673df080e5d33bf974290e449a5f75

  • SSDEEP

    1536:V7Zf/FAxTWoJJ7Tgwx7Zf/FAxTWoJJ7Tgw8QovpQovV:fny1Mwbny1Mwu

Targets

    • Target

      dbafd87256b0f88dfd98395742c85cbc23239f8d41592f9d71169a7c81c63335.exe

    • Renames multiple (281) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
