dbac8aa6841bf3e624f198b77e12a9f811aeecf92df5586450508f0dc74fd118 | Triage

Sharing

General

Target

9dd775596dd588111f824e1fd535ef40N.exe
Size

61KB
Sample

240727-gtgl2atepc
MD5

9dd775596dd588111f824e1fd535ef40
SHA1

49f186a53f8ed834273a46d768822a51f395cab0
SHA256

dbac8aa6841bf3e624f198b77e12a9f811aeecf92df5586450508f0dc74fd118
SHA512

1a4bdfde0500525137bb00831b379255dc824a056a6f39d50486c7f2d65720d362f7f9566c0c59db572156a3d7876599fc1e308e30ce758e2a5a955a8410d44a
SSDEEP

768:p7BlphA7dASbS+m0CAbLg++PJHJzIWD+dVdCYgck5sIZFlzc3/Sg2aDM9uA9DM9e:p7ZhA7dAp1++PJHJXA/OsIZfzc3/Q8A

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  9dd775596dd588111f824e1fd535ef40N.exe
- Size
  
  61KB
- MD5
  
  9dd775596dd588111f824e1fd535ef40
- SHA1
  
  49f186a53f8ed834273a46d768822a51f395cab0
- SHA256
  
  dbac8aa6841bf3e624f198b77e12a9f811aeecf92df5586450508f0dc74fd118
- SHA512
  
  1a4bdfde0500525137bb00831b379255dc824a056a6f39d50486c7f2d65720d362f7f9566c0c59db572156a3d7876599fc1e308e30ce758e2a5a955a8410d44a
- SSDEEP
  
  768:p7BlphA7dASbS+m0CAbLg++PJHJzIWD+dVdCYgck5sIZFlzc3/Sg2aDM9uA9DM9e:p7ZhA7dAp1++PJHJXA/OsIZfzc3/Q8A
Score

9^/10

discovery ransomware
- Renames multiple (608) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware