General

  • Target

    5f69c67d90234483ead14701d3522f1249741e938d626cc1e31a96b560a499dd

  • Size

    36KB

  • Sample

    250519-nrs1lsxmz3

  • MD5

    13502bbb025c86887dfd238884f58aa7

  • SHA1

    cd3ebabecb01c0d77449f79003de156a6f3c363b

  • SHA256

    5f69c67d90234483ead14701d3522f1249741e938d626cc1e31a96b560a499dd

  • SHA512

    f2b3e6dcd107431170b569dd4558d433940f450f7e5fb25632de913e2f35a37efb8250bd76f70769fb60af22d4770d6f6be0e03fada8703eb931bc1aab6a4ecb

  • SSDEEP

    768:uZ4FLz8ae+rOn8ae+rOdzEytU5CzEytU5TZ4FLz8ae+rOn8ae+rOdzEytU5CzEyW:uGIId7C5C7C5TGIId7C5C7C5cbe

Score
9/10

Malware Config

Targets

    • Renames multiple (5236) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

    • Executes dropped EXE

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v16

Tasks