f4f616aa8bc95842df249686fce81c1c5214c3c9b8bb38b70bc7640f1454dd04 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5550bd13fbf2ebbd6ea9c84acd348020N.exe
Size

53KB
Sample

240724-gm5qaathre
MD5

5550bd13fbf2ebbd6ea9c84acd348020
SHA1

15a5b84b35109ba0dd75ef5d56b3ba90fc945e94
SHA256

f4f616aa8bc95842df249686fce81c1c5214c3c9b8bb38b70bc7640f1454dd04
SHA512

989824893e9904bef65009265d69a3f328ac1c493b651c1cdc09fcc7ebf929782f5f78b8a8825335908142c413f515ccfc07d6a61eb567d0caf3a8ceff06e6b2
SSDEEP

1536:W7ZppApB7tlJ5OvtlJ5OwF7CujdyGdyMMkPMkYYL:6pWpB7tcttFOuR

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  5550bd13fbf2ebbd6ea9c84acd348020N.exe
- Size
  
  53KB
- MD5
  
  5550bd13fbf2ebbd6ea9c84acd348020
- SHA1
  
  15a5b84b35109ba0dd75ef5d56b3ba90fc945e94
- SHA256
  
  f4f616aa8bc95842df249686fce81c1c5214c3c9b8bb38b70bc7640f1454dd04
- SHA512
  
  989824893e9904bef65009265d69a3f328ac1c493b651c1cdc09fcc7ebf929782f5f78b8a8825335908142c413f515ccfc07d6a61eb567d0caf3a8ceff06e6b2
- SSDEEP
  
  1536:W7ZppApB7tlJ5OvtlJ5OwF7CujdyGdyMMkPMkYYL:6pWpB7tcttFOuR
Score

9^/10

discovery ransomware
- Renames multiple (312) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware