e7dc5745b24231539f80a9ed97f16f93008782637c2df221ae8e481da24d815b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

625ce71f6274d354aa239b8ce9ee52b0N.exe
Size

189KB
Sample

240726-2g62dascqd
MD5

625ce71f6274d354aa239b8ce9ee52b0
SHA1

5def46403fd2f2fe3699904ec20715ab45a1f32b
SHA256

e7dc5745b24231539f80a9ed97f16f93008782637c2df221ae8e481da24d815b
SHA512

ddb90592f765c75790166396375be3044e5e0348c117a4baff2a5fbb987435d98ce6cbfb9f09ac4e804a0b8dd20d60d66c6f7f7d7004ed6f04dd7d240dc7325d
SSDEEP

3072:6e7WpP9oVLQthbYY9oVLQthbUvRIWI83B+e7WpP9oVLQthbYY9oVLQthbUvRIWIB:RqAZIWIydqAZIWIyG

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  625ce71f6274d354aa239b8ce9ee52b0N.exe
- Size
  
  189KB
- MD5
  
  625ce71f6274d354aa239b8ce9ee52b0
- SHA1
  
  5def46403fd2f2fe3699904ec20715ab45a1f32b
- SHA256
  
  e7dc5745b24231539f80a9ed97f16f93008782637c2df221ae8e481da24d815b
- SHA512
  
  ddb90592f765c75790166396375be3044e5e0348c117a4baff2a5fbb987435d98ce6cbfb9f09ac4e804a0b8dd20d60d66c6f7f7d7004ed6f04dd7d240dc7325d
- SSDEEP
  
  3072:6e7WpP9oVLQthbYY9oVLQthbUvRIWI83B+e7WpP9oVLQthbYY9oVLQthbUvRIWIB:RqAZIWIydqAZIWIyG
Score

9^/10

discovery ransomware
- Renames multiple (279) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware