General

  • Target

    b8ba666de06c5568e66da45bddb74350d964c98d5764f8fa9f6cfb53da46fd5c

  • Size

    203KB

  • Sample

    250502-nn71cstjw4

  • MD5

    03489386ca3c95c10f70a4c28a48ab78

  • SHA1

    879542cdc33acb1b8123485c46795f2a361b9233

  • SHA256

    b8ba666de06c5568e66da45bddb74350d964c98d5764f8fa9f6cfb53da46fd5c

  • SHA512

    906cdfe9a504f477af650bfeaba397cdbc44abd1ccf29d6a65a52a8c0223c4552fe6b68c30b8882b9f18ebff6b66b1dec26fe5223f4c3da635b84f3362f4abb2

  • SSDEEP

    6144:TCx/ji+wYEFFEKA7XiH1B1F91PTGgysP:Gx/G+wYEFiKGsLFrTG+

Malware Config

Targets

    • Renames multiple (155) files with added filename extension

      This suggests ransomware activity, i.e. encryption of files across the system.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive information.

    • Drops desktop.ini file(s)

MITRE ATT&CK Enterprise v16

Tasks