9797044a9d8d97835b9f4c9cbcbe323d632d3352b3b95e33d266a3b5ede91998 | Triage

Sharing

General

Target

7d461dbaf313eb6205de1d31ec211780N.exe
Size

251KB
Sample

240727-cakgcssdnh
MD5

7d461dbaf313eb6205de1d31ec211780
SHA1

5942ef9b2cafa28423f1f7fff4409b14eb7f622b
SHA256

9797044a9d8d97835b9f4c9cbcbe323d632d3352b3b95e33d266a3b5ede91998
SHA512

c7f543f34f8814eec0e5fb69d0cab05d61324d867d522ea7cd00d7c16b27a1f256a9f18241de2608f7c9d26f60be7290d947c17f3a1b356b563a0b5fcf26cd38
SSDEEP

3072:6e7Wp1He7Wp1SfWVP2ZQfq6Tl7j66sfmTk3WdK1U:RqGquWVWQVm6S3WYU

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  7d461dbaf313eb6205de1d31ec211780N.exe
- Size
  
  251KB
- MD5
  
  7d461dbaf313eb6205de1d31ec211780
- SHA1
  
  5942ef9b2cafa28423f1f7fff4409b14eb7f622b
- SHA256
  
  9797044a9d8d97835b9f4c9cbcbe323d632d3352b3b95e33d266a3b5ede91998
- SHA512
  
  c7f543f34f8814eec0e5fb69d0cab05d61324d867d522ea7cd00d7c16b27a1f256a9f18241de2608f7c9d26f60be7290d947c17f3a1b356b563a0b5fcf26cd38
- SSDEEP
  
  3072:6e7Wp1He7Wp1SfWVP2ZQfq6Tl7j66sfmTk3WdK1U:RqGquWVWQVm6S3WYU
Score

9^/10

discovery ransomware
- Renames multiple (1462) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoveryransomware