General

  • Target

    6300c28fe654ddd2654d40ea2b83faf97332a82856a4ba9828047c22fb56f05e

  • Size

    203KB

  • Sample

    250502-nmq1fszxgz

  • MD5

    7d5c223efbc9de72860e606ba6d9bfbf

  • SHA1

    c9e768834d37ecb7c60727081aa80b271790a642

  • SHA256

    6300c28fe654ddd2654d40ea2b83faf97332a82856a4ba9828047c22fb56f05e

  • SHA512

    421248057d743160c6b98081490b727976517377ae0bfef3dc40c3b29ad9a67c174862248e01ebebeaf77b07efa74a0f7770888cca60f5215a81843a1cdf6983

  • SSDEEP

    6144:CCx/ji+wYEFFEKA7XiH1B1F91PHGgysP:Rx/G+wYEFiKGsLFrHG+

Malware Config

Targets

    • Target

      6300c28fe654ddd2654d40ea2b83faf97332a82856a4ba9828047c22fb56f05e

    • Renames multiple (149) files with added filename extension

      This suggests ransomware activity: the sample encrypts files across the system and appends an extension to each one.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other profile information.

    • Drops desktop.ini file(s)

MITRE ATT&CK Enterprise v16

Tasks