4102d610c02ee04ce4ef9c1a7ba8d84aa887562993b178fa557cc1fb23ca2a37 | Triage

Sharing

General

Target

3dd5507af48fb8a40ec13692b55cc020N.exe
Size

97KB
Sample

240724-dcnr8sxdqb
MD5

3dd5507af48fb8a40ec13692b55cc020
SHA1

3bddcc4f56e11e5fe4a25809f64e11dbf1e2b386
SHA256

4102d610c02ee04ce4ef9c1a7ba8d84aa887562993b178fa557cc1fb23ca2a37
SHA512

9e72beb1d1b8126ef85e0e4b26cfd2ac8198a5c53d942b49794882172cb280972b280b52f7e5f1349d1d0891f13b2b94061cf9d00b7dc5b09913a756d852418a
SSDEEP

1536:W7ZppAp6KIK7w7ZppAp6KIK7TtNsO4tNsOc:6pWp6KIKUpWp6KIKftN54tN5c

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  3dd5507af48fb8a40ec13692b55cc020N.exe
- Size
  
  97KB
- MD5
  
  3dd5507af48fb8a40ec13692b55cc020
- SHA1
  
  3bddcc4f56e11e5fe4a25809f64e11dbf1e2b386
- SHA256
  
  4102d610c02ee04ce4ef9c1a7ba8d84aa887562993b178fa557cc1fb23ca2a37
- SHA512
  
  9e72beb1d1b8126ef85e0e4b26cfd2ac8198a5c53d942b49794882172cb280972b280b52f7e5f1349d1d0891f13b2b94061cf9d00b7dc5b09913a756d852418a
- SSDEEP
  
  1536:W7ZppAp6KIK7w7ZppAp6KIK7TtNsO4tNsOc:6pWp6KIKUpWp6KIKftN54tN5c
Score

9^/10

discovery ransomware
- Renames multiple (4477) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware