General

  • Target

    242e0bf3c4bbd16a9ca90a8e004563bd9a57fda0721f2a4dc0ca159e84327db5N.exe

  • Size

    116KB

  • Sample

    250127-sa8rystmh1

  • MD5

    6e36e444bc0e23e0e5c2df67517c71b0

  • SHA1

    2c726ddb7cf9e361eb84f50e2d690f40df9faded

  • SHA256

    242e0bf3c4bbd16a9ca90a8e004563bd9a57fda0721f2a4dc0ca159e84327db5

  • SHA512

    9c0175b951cb5dbdac93d3d3f73062ebc305de59f6937732f979476d97e51f1ed336b158a9b8b1ac969940228ab40ba6f0c7c445b218cdbceb83f17048ffed6b

  • SSDEEP

    1536:V7Zf/FAxTWoJJ7Tgws7Zf/FAxTWoJJ7Tgw/:fny1Mwsny1Mw/

Targets

    • Renames multiple (303) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
