General

  • Target

    11bdddf5c04dc4ecd8a3f6affdc035622c36810e12f5263f70c5c2ef8bcaed81

  • Size

    34KB

  • Sample

    250515-d2tpsayqw5

  • MD5

    17eb3b93b5b709e42cb9d5a6ab413f3e

  • SHA1

    7c2b8564ebdd4d1032db98f7e6ef0d98628cb7f2

  • SHA256

    11bdddf5c04dc4ecd8a3f6affdc035622c36810e12f5263f70c5c2ef8bcaed81

  • SHA512

    772597b4e1846c4efb445aed3bf68aed334d1ee4588ae61fe23ef7978c627085e054d4e27693fc73e712a21560f269dc412c9a9009096c6a7d7dcd55ba385f99

  • SSDEEP

    768:uZ4FLz8ae+rOn8ae+rOJZ4FLz8ae+rOn8ae+rOG:uGIIJGIIG

Score
9/10

Targets

    • Renames multiple (5259) files with added filename extension

      This suggests ransomware activity, i.e. encrypting all the files on the system.

    • Executes dropped EXE

    • Drops file in System32 directory
