decb00fa6c2bcca86ce7785986ffe06d6343f834aa2eaad363f82d12aa797714 | Triage

Sharing

General

Target

decb00fa6c2bcca86ce7785986ffe06d6343f834aa2eaad363f82d12aa797714
Size

102KB
Sample

240727-fdnvqs1end
MD5

63061449c5ed6d2eab1ed72c82db8b96
SHA1

02c657e16e820703284857d69101b6b209f0c4d8
SHA256

decb00fa6c2bcca86ce7785986ffe06d6343f834aa2eaad363f82d12aa797714
SHA512

836c9b73c0338d75449e456ad9a9f37e2c5486704f36d87252855673b04a2199e88ff13dc3642c26a1e7ad9c6ada6fc22430786a1a22c7bb1d17b518bbd5ca38
SSDEEP

3072:6e7WpMaxeb0CYJ97lEYNR73e+eKZOf7fO:RqKvb0CYJ973e+eKZOf7fO

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  decb00fa6c2bcca86ce7785986ffe06d6343f834aa2eaad363f82d12aa797714
- Size
  
  102KB
- MD5
  
  63061449c5ed6d2eab1ed72c82db8b96
- SHA1
  
  02c657e16e820703284857d69101b6b209f0c4d8
- SHA256
  
  decb00fa6c2bcca86ce7785986ffe06d6343f834aa2eaad363f82d12aa797714
- SHA512
  
  836c9b73c0338d75449e456ad9a9f37e2c5486704f36d87252855673b04a2199e88ff13dc3642c26a1e7ad9c6ada6fc22430786a1a22c7bb1d17b518bbd5ca38
- SSDEEP
  
  3072:6e7WpMaxeb0CYJ97lEYNR73e+eKZOf7fO:RqKvb0CYJ973e+eKZOf7fO
Score

9^/10

discovery ransomware
- Renames multiple (1476) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware