4e9762d0385abc614f124624ea9be798a831e4075266918dfe1408b695a85731 | Triage

Sharing

General

Target

4e9762d0385abc614f124624ea9be798a831e4075266918dfe1408b695a85731
Size

2.0MB
Sample

210409-f3kn7s5352
MD5

969b2014bcf47f5c53b5387873d05b23
SHA1

75aa2bc6cf06b8b75797d0934fa6f6ab93ecac2e
SHA256

4e9762d0385abc614f124624ea9be798a831e4075266918dfe1408b695a85731
SHA512

ae630548dd74c15cd7fe7917bfeeeb6baad61a385e94db61cbdcb2a8db8b7b4544a9ea9b7c937da25dc9e60711c6222cbef1ad910c0c1782cf2436471df07e08

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  4e9762d0385abc614f124624ea9be798a831e4075266918dfe1408b695a85731
- Size
  
  2.0MB
- MD5
  
  969b2014bcf47f5c53b5387873d05b23
- SHA1
  
  75aa2bc6cf06b8b75797d0934fa6f6ab93ecac2e
- SHA256
  
  4e9762d0385abc614f124624ea9be798a831e4075266918dfe1408b695a85731
- SHA512
  
  ae630548dd74c15cd7fe7917bfeeeb6baad61a385e94db61cbdcb2a8db8b7b4544a9ea9b7c937da25dc9e60711c6222cbef1ad910c0c1782cf2436471df07e08
Score

9^/10

discovery ransomware
- Deletes shadow copies
  Ransomware often targets backup files to inhibit system recovery.
  ransomware
- Modifies extensions of user files
  Ransomware generally changes the extension on encrypted files.
  ransomware
- Modifies file permissions
  discovery
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File Deletion

File Permissions Modification

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Inhibit System Recovery

Tasks

static1

behavioral1

discoveryransomware

behavioral2