General

  • Target

    cb017e3b9afd6b6704f192efd44524731fed9195cca5ff27d741bcdd7f5fa876

  • Size

    541KB

  • Sample

    250515-ns2n5svmx6

  • MD5

    d1159bb34d39036077102195bdc35c74

  • SHA1

    4c4a3ef9bbb2c18b5ee5c3cfdb86f9ebbe3cbe19

  • SHA256

    cb017e3b9afd6b6704f192efd44524731fed9195cca5ff27d741bcdd7f5fa876

  • SHA512

    3dc92ebe48ee7113799fad0b5035a82afeb4b675c9a35f5909917b0d6a3a4e501c6e0115dd3d49336f8f6ee38fdc31349f543e74c999277c1192670bb1efddff

  • SSDEEP

    12288:/mN9Mttts+n8tGwXglfWF1wU7mN9Mttts+n8tGwXglfWF1wUI:/mNOttts+nKGwXgluF1wimNOttts+nKc

Score
9/10

Targets

    • Target

      cb017e3b9afd6b6704f192efd44524731fed9195cca5ff27d741bcdd7f5fa876

    • Renames multiple (4629) files with added filename extension

      This is consistent with ransomware behaviour: the sample encrypts files on the system and appends a marker extension to each one rather than replacing the original extension.

    • Executes dropped EXE

    • Drops file in System32 directory
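The first signature above is the one an analyst would most want to turn into detection logic: a single process appending the same extension to thousands of files in a short window. The following is an added example and not code from the report or the sandbox; it runs over a constructed file-rename event log in the shape (timestamp, pid, image, old_path, new_path), which is an assumed format, not one the page defines. It distinguishes an appended extension (report.docx -> report.docx.locked) from a changed one (notes.txt -> notes.md) and alerts only when one process appends a dominant extension to at least `threshold` files inside the sliding window.

```python
from collections import Counter, defaultdict
from datetime import datetime, timedelta


def added_extension(old_path, new_path):
    """Return the suffix appended to old_path if new_path == old_path + '.<ext>', else None.

    A rename that only changes an existing extension (foo.docx -> foo.txt) is not
    counted: ransomware that marks encrypted files keeps the original name intact.
    A suffix containing a path separator is a move, not an appended extension.
    """
    if new_path.startswith(old_path) and len(new_path) > len(old_path):
        suffix = new_path[len(old_path):]
        if suffix.startswith(".") and len(suffix) > 1 and "\\" not in suffix and "/" not in suffix:
            return suffix.lower()
    return None


def detect_mass_rename(events, threshold=100, window=timedelta(minutes=5), min_share=0.9):
    """Flag processes that append the same extension to many files within `window`.

    events: iterable of (iso_timestamp, pid, image, old_path, new_path) tuples
    (assumed telemetry shape). Returns a list of alerts as
    (pid, image, renames_in_window, dominant_extension).
    """
    per_pid = defaultdict(list)
    image_of = {}
    for ts, pid, image, old, new in events:
        ext = added_extension(old, new)
        if ext is None:
            continue
        per_pid[pid].append((datetime.fromisoformat(ts), ext))
        image_of[pid] = image

    alerts = []
    for pid, renames in per_pid.items():
        renames.sort()
        # Sliding window: find the densest burst of appended-extension renames.
        best_count, best_span = 0, None
        start = 0
        for end in range(len(renames)):
            while renames[end][0] - renames[start][0] > window:
                start += 1
            count = end - start + 1
            if count > best_count:
                best_count, best_span = count, (start, end)
        if best_count < threshold:
            continue
        # Require one extension to dominate the burst, as a ransomware marker would.
        exts = Counter(e for _, e in renames[best_span[0]:best_span[1] + 1])
        ext, n = exts.most_common(1)[0]
        if n / best_count >= min_share:
            alerts.append((pid, image_of[pid], best_count, ext))
    return alerts


def build_sample_events():
    """Constructed telemetry for demonstration (not data from the report)."""
    base = datetime(2025, 5, 15, 10, 0, 0)
    events = []
    # Suspected ransomware: 150 documents get ".locked" appended within 2.5 minutes.
    for i in range(150):
        old = rf"C:\Users\user\Documents\file{i}.docx"
        events.append(((base + timedelta(seconds=i)).isoformat(), 4120,
                       r"C:\Users\user\AppData\Local\Temp\dropped.exe", old, old + ".locked"))
    # Benign: a backup tool appends ".bak" to three files (below threshold).
    for i in range(3):
        old = rf"C:\Backups\config{i}.ini"
        events.append(((base + timedelta(seconds=i)).isoformat(), 900,
                       r"C:\Program Files\BackupTool\backup.exe", old, old + ".bak"))
    # Benign: a user changes an extension rather than appending one (ignored).
    events.append((base.isoformat(), 1234, r"C:\Windows\explorer.exe",
                   r"C:\Users\user\Desktop\notes.txt", r"C:\Users\user\Desktop\notes.md"))
    return events


if __name__ == "__main__":
    for pid, image, count, ext in detect_mass_rename(build_sample_events()):
        print(f"ALERT pid={pid} image={image} appended {ext!r} to {count} files")
```

The threshold of 100 is an assumed tuning value; the 4629 renames in this report would trip it many times over, while a backup or archiving tool that appends a suffix to a handful of files stays quiet. Pair the alert with the second and third signatures (an executable dropped to disk and then run, a file written under System32) to raise confidence before acting on it.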
