General

  • Target

    531be8349019ef142d06961ba5a90157e08d92bc8fcaac671b6009dab805cf04

  • Size

    51KB

  • Sample

    250515-mepxratl19

  • MD5

    0c4855d359f05616be069fc33b6fcdbd

  • SHA1

    93a0cbecaabbe05daf67b64e570423e94bc0e684

  • SHA256

    531be8349019ef142d06961ba5a90157e08d92bc8fcaac671b6009dab805cf04

  • SHA512

    5d42602a0c3037957272b2794d11d2243ba1b5cb422a56f0dc7168fee5b93d9df3867404c750c10b2f42c368454617b57b7f68fd039c971fc6d69345ca1f2f14

  • SSDEEP

    768:s7BlpppARFbhdLz8ae+rOn8ae+rOb8h7BlpppARFbhdLz8ae+rOn8ae+rOb830:s7ZppApdIIQ7ZppApdIIb

Score
9/10

Targets

    • Target

      531be8349019ef142d06961ba5a90157e08d92bc8fcaac671b6009dab805cf04

    Score
    9/10
    • Renames multiple (5308) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • Executes dropped EXE

    • Drops file in System32 directory
