General

  • Target

    f1ea63a74423e22c9cc4420ff07305c8f9a26408ddf4c3e2dd12772057202d23

  • Size

    156KB

  • Sample

    250519-v98bkscl2s

  • MD5

    b8a475251ddc1a00b3a426e6946c4485

  • SHA1

    f43991636722f1078a2d0181ac990ab9d3b20c19

  • SHA256

    f1ea63a74423e22c9cc4420ff07305c8f9a26408ddf4c3e2dd12772057202d23

  • SHA512

    0267c740ebd440d3744ad35cd097bacf1d6133219b133c287d5b0d8f2175e9f92e90c04c435dad5f04b18dccdc71cbffd33d437dd5e65fc1330a4ebed4ea434b

  • SSDEEP

    3072:/WTSIoXkZA/gwjHnrhtVufJO05m4uvHwog8yT5Fog:/WTSIoXNHnr1GJOl4uvjgddFT

Score
9/10

Malware Config

Targets

    Score
    9/10
    • Renames multiple (5343) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • Executes dropped EXE

    • Drops file in System32 directory
