8a2167c5dc6e72ef1f0873fbc6988c3ebad84ec74f32075a26307d0f465cd567 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3785e1e98a40ec80c4f13499f57bfc50N.exe
Size

60KB
Sample

240724-chzk9avfpa
MD5

3785e1e98a40ec80c4f13499f57bfc50
SHA1

5d648bd42fa63e70a1fa29e75af869b8545dd753
SHA256

8a2167c5dc6e72ef1f0873fbc6988c3ebad84ec74f32075a26307d0f465cd567
SHA512

4a94d47d4960449d5597e7392ef06bcb6b8e558bf8bac52329ad0a5fded4e4ab687e83cc855e0a98de9554fd5a90757f1d001331e5173c05e79d1cf9c5dfd9b1
SSDEEP

768:W7BlphA7pARFbhx1d/XYrV6svC0D732jWp29lsbE0ssRqP4EuWDdAI4:W7ZhA7pApx1dvkC42jWALsbrsscP4ENK

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  3785e1e98a40ec80c4f13499f57bfc50N.exe
- Size
  
  60KB
- MD5
  
  3785e1e98a40ec80c4f13499f57bfc50
- SHA1
  
  5d648bd42fa63e70a1fa29e75af869b8545dd753
- SHA256
  
  8a2167c5dc6e72ef1f0873fbc6988c3ebad84ec74f32075a26307d0f465cd567
- SHA512
  
  4a94d47d4960449d5597e7392ef06bcb6b8e558bf8bac52329ad0a5fded4e4ab687e83cc855e0a98de9554fd5a90757f1d001331e5173c05e79d1cf9c5dfd9b1
- SSDEEP
  
  768:W7BlphA7pARFbhx1d/XYrV6svC0D732jWp29lsbE0ssRqP4EuWDdAI4:W7ZhA7pApx1dvkC42jWALsbrsscP4ENK
Score

9^/10

discovery ransomware
- Renames multiple (3007) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware