82d53ea36b8b078b8ad4e7c0b37469b4bfa7566d82bdcb23da3eabcf3d127cf5 | Triage

Sharing

General

Target

029cdd6892400bb97fd3008c8b47e9d0N.exe
Size

106KB
Sample

240801-zg8tvswdln
MD5

029cdd6892400bb97fd3008c8b47e9d0
SHA1

4f41d758f6752ff0b668b50d3c71e9ee36c93dfb
SHA256

82d53ea36b8b078b8ad4e7c0b37469b4bfa7566d82bdcb23da3eabcf3d127cf5
SHA512

0cdf00f1ac03fe0ade82c58c6bc08150aa2deadd0970c0f5998ad26bf7f3b35e9e1009be37b98b4adf1275c1b93904a6ff0aeb3496ba8fe2134034d20a537d93
SSDEEP

3072:6e7WpMaxeb0CYJ97lEYNR73e+eKZOf7f1:RqKvb0CYJ973e+eKZOf7f1

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  029cdd6892400bb97fd3008c8b47e9d0N.exe
- Size
  
  106KB
- MD5
  
  029cdd6892400bb97fd3008c8b47e9d0
- SHA1
  
  4f41d758f6752ff0b668b50d3c71e9ee36c93dfb
- SHA256
  
  82d53ea36b8b078b8ad4e7c0b37469b4bfa7566d82bdcb23da3eabcf3d127cf5
- SHA512
  
  0cdf00f1ac03fe0ade82c58c6bc08150aa2deadd0970c0f5998ad26bf7f3b35e9e1009be37b98b4adf1275c1b93904a6ff0aeb3496ba8fe2134034d20a537d93
- SSDEEP
  
  3072:6e7WpMaxeb0CYJ97lEYNR73e+eKZOf7f1:RqKvb0CYJ973e+eKZOf7f1
Score

9^/10

discovery ransomware
- Renames multiple (399) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware