29b4c5e81ac9e87d5197a1c7b182447c1b58b54861d3295d06a9498aa58e5255 | Triage

Sharing

General

Target

0643227992fd60411400fca2f7f5bd50N.exe
Size

42KB
Sample

240726-n698fawepj
MD5

0643227992fd60411400fca2f7f5bd50
SHA1

db7b616f78681b6a2fdffe1525ca8c5c1bd37a38
SHA256

29b4c5e81ac9e87d5197a1c7b182447c1b58b54861d3295d06a9498aa58e5255
SHA512

9411b7aa5e81c2ee39a464a3673e8c5014f0e7c3e7c1160a7176386c4aebb50d7a483b5171b992be1856d3166f96b1c3afddefa6750221914bcb3fd0d59d8c07
SSDEEP

768:W7BlpppARFbhjbhg42LcfpR42LcfpT4wWklr:W7ZppApBULcfpHLcfp5WQ

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  0643227992fd60411400fca2f7f5bd50N.exe
- Size
  
  42KB
- MD5
  
  0643227992fd60411400fca2f7f5bd50
- SHA1
  
  db7b616f78681b6a2fdffe1525ca8c5c1bd37a38
- SHA256
  
  29b4c5e81ac9e87d5197a1c7b182447c1b58b54861d3295d06a9498aa58e5255
- SHA512
  
  9411b7aa5e81c2ee39a464a3673e8c5014f0e7c3e7c1160a7176386c4aebb50d7a483b5171b992be1856d3166f96b1c3afddefa6750221914bcb3fd0d59d8c07
- SSDEEP
  
  768:W7BlpppARFbhjbhg42LcfpR42LcfpT4wWklr:W7ZppApBULcfpHLcfp5WQ
Score

9^/10

discovery ransomware
- Renames multiple (2978) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware