General

  • Target

    1f4342ef98190c79f25e2e6408753d73d6cbec9f8871690063d57314495f72da

  • Size

    47KB

  • Sample

    250519-ntj6gsxns9

  • MD5

    1fddbb8a84e7464ec7ad4d083160f0af

  • SHA1

    45f9540266e18e207e69aa3dc53863210bfeb654

  • SHA256

    1f4342ef98190c79f25e2e6408753d73d6cbec9f8871690063d57314495f72da

  • SHA512

    4689dae5e5f36a9e176e4d2b7278e0f37e1b300081c68ccde22f3641611525198fd88e84d1b5a1cbe2c2dbc9c49906bc00501249f1cd29482f2b0e1177fca034

  • SSDEEP

    768:uZ4FLz8ae+rOn8ae+rOqvv50Ui1xHv50Ui1xPZ4FLz8ae+rOn8ae+rOTWyKoIWbf:uGIIqn50TL50TTGIICyKoIWbsHfySkT3

Score
9/10

Targets

    • Renames multiple (5230) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

    • Executes dropped EXE

    • Drops file in System32 directory
