General

  • Target

    492409a3672cf06cb52e5d8cf6d4a30b98ca4fa0fa00f01235584e2e4495ff53

  • Size

    50KB

  • Sample

    250519-s5jrba1jw4

  • MD5

    627414752735d104a635176e57c8df85

  • SHA1

    3c7f740cbd1afdab5a4f32c0346c1f85404abbb5

  • SHA256

    492409a3672cf06cb52e5d8cf6d4a30b98ca4fa0fa00f01235584e2e4495ff53

  • SHA512

    e2a552785afcbf04ea81b30209ab336f55ab06916ee8d9847eaec0b7b714c5fc3181bfb7ca6f845337278c05b50f2fe939b855e60f80499678786919bd727bc3

  • SSDEEP

    768:uZ4FLz8ae+rOn8ae+rO2aZZ4FLz8ae+rOn8ae+rO2a9:uGIIVGIIp

Score
9/10

Targets

    • Renames multiple (5234) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • Executes dropped EXE

    • Drops file in System32 directory
