29d30237f4617e0869e27b352cf2c51c95df610208622b8382bd82b7f2fc4787 | Triage

Sharing

General

Target

TLauncher.exe
Size

1.0MB
Sample

240523-xpawpacf69
MD5

7af0bb6d5cb4ec6a0e92500c8613538e
SHA1

93a105113ba177990c67baccdc973ba312f73dc5
SHA256

29d30237f4617e0869e27b352cf2c51c95df610208622b8382bd82b7f2fc4787
SHA512

10cf88b52e8bb2d1675f31abbc1ba0583d9de7b3d18797755790853237dee439282b30bcee43fee1c7c964f2d425f5c40e098721b43a9a7a15c3ce3d6bd005b9
SSDEEP

12288:pyIVjAFZwJxEh13gi0IJTgcXS2GoDR1WjlbwQCcoUQJkSHutxf0EJHD:3VjAexEh13/JMH2xfWjlbUkXxf0E9

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  TLauncher.exe
- Size
  
  1.0MB
- MD5
  
  7af0bb6d5cb4ec6a0e92500c8613538e
- SHA1
  
  93a105113ba177990c67baccdc973ba312f73dc5
- SHA256
  
  29d30237f4617e0869e27b352cf2c51c95df610208622b8382bd82b7f2fc4787
- SHA512
  
  10cf88b52e8bb2d1675f31abbc1ba0583d9de7b3d18797755790853237dee439282b30bcee43fee1c7c964f2d425f5c40e098721b43a9a7a15c3ce3d6bd005b9
- SSDEEP
  
  12288:pyIVjAFZwJxEh13gi0IJTgcXS2GoDR1WjlbwQCcoUQJkSHutxf0EJHD:3VjAexEh13/JMH2xfWjlbUkXxf0E9
Score

9^/10

discovery ransomware
- Renames multiple (186) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
- Modifies file permissions
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware