1676093a2107ebbd16b1cd90eb55c56cfa53008b6a5bbb9e1bf495aaa4cf1fe4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1676093a2107ebbd16b1cd90eb55c56cfa53008b6a5bbb9e1bf495aaa4cf1fe4
Size

99KB
Sample

240726-xqntyayclm
MD5

0f49d23cbe24f653294e5cd08c4c8a49
SHA1

1be53840e050e8384f03fcd3961718e8674497bd
SHA256

1676093a2107ebbd16b1cd90eb55c56cfa53008b6a5bbb9e1bf495aaa4cf1fe4
SHA512

d47b17168aa24a327c3649b3ca6148a4b513f338812e583b40d408853dfdb6e2274ab1650c8416535cb90390525ad5d6deab1b79b68bedc6885a6eb52959bf5a
SSDEEP

3072:6e7WpMaxeb0CYJ97lEYNR73e+eKZOf7ff:RqKvb0CYJ973e+eKZOf7ff

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  1676093a2107ebbd16b1cd90eb55c56cfa53008b6a5bbb9e1bf495aaa4cf1fe4
- Size
  
  99KB
- MD5
  
  0f49d23cbe24f653294e5cd08c4c8a49
- SHA1
  
  1be53840e050e8384f03fcd3961718e8674497bd
- SHA256
  
  1676093a2107ebbd16b1cd90eb55c56cfa53008b6a5bbb9e1bf495aaa4cf1fe4
- SHA512
  
  d47b17168aa24a327c3649b3ca6148a4b513f338812e583b40d408853dfdb6e2274ab1650c8416535cb90390525ad5d6deab1b79b68bedc6885a6eb52959bf5a
- SSDEEP
  
  3072:6e7WpMaxeb0CYJ97lEYNR73e+eKZOf7ff:RqKvb0CYJ973e+eKZOf7ff
Score

9^/10

discovery ransomware
- Renames multiple (2994) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware