538a76cd2166b3b2b0e88352a2a64f9f13d4bcb2576e0826054ef57c7238bef2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

538a76cd2166b3b2b0e88352a2a64f9f13d4bcb2576e0826054ef57c7238bef2.exe
Size

818KB
Sample

240723-tyygkasaje
MD5

5557b6a82bdd90fcab0e34e1e3c025f5
SHA1

586d7469a8f1fcbbc65b4df0f3e26ca49a070e1f
SHA256

538a76cd2166b3b2b0e88352a2a64f9f13d4bcb2576e0826054ef57c7238bef2
SHA512

7f6764316be7adb165262259fa53bb85c6a844fd9e4b6c85af8a13226f2158e2881ae2fdaa6b3f82f8e9a52f4b7da2af428c388796f5bb7695ed17a47f947143
SSDEEP

12288:q9N0xM9tFBB2nFgQPdIjXH2lG+CYCH6tBsS4aKEi7Syc0mrMdCICf8BJJEo8888h:A9TD2nFgQPdQXTJiBsS45DScDCICfM

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  538a76cd2166b3b2b0e88352a2a64f9f13d4bcb2576e0826054ef57c7238bef2.exe
- Size
  
  818KB
- MD5
  
  5557b6a82bdd90fcab0e34e1e3c025f5
- SHA1
  
  586d7469a8f1fcbbc65b4df0f3e26ca49a070e1f
- SHA256
  
  538a76cd2166b3b2b0e88352a2a64f9f13d4bcb2576e0826054ef57c7238bef2
- SHA512
  
  7f6764316be7adb165262259fa53bb85c6a844fd9e4b6c85af8a13226f2158e2881ae2fdaa6b3f82f8e9a52f4b7da2af428c388796f5bb7695ed17a47f947143
- SSDEEP
  
  12288:q9N0xM9tFBB2nFgQPdIjXH2lG+CYCH6tBsS4aKEi7Syc0mrMdCICf8BJJEo8888h:A9TD2nFgQPdQXTJiBsS45DScDCICfM
Score

9^/10

discovery ransomware
- Renames multiple (62) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware