8776b97a486543584a6a4008e43fa31da3dfef867ac15b35ea5108f07ec133d0 | Triage

Sharing

General

Target

02d29a089d89f9a1a0d3a63aa261d400N.exe
Size

106KB
Sample

240801-zkq38azgqd
MD5

02d29a089d89f9a1a0d3a63aa261d400
SHA1

e00d36052dff1a64073227f78bbe3090b467dc18
SHA256

8776b97a486543584a6a4008e43fa31da3dfef867ac15b35ea5108f07ec133d0
SHA512

a753cb5b8352bed1a8b01976f3cab47470d8524bd09cda8478e8360871ed3b16c049b2167602adc1465540229e79cb7111676e0aa94dfae0bba83508d2645c86
SSDEEP

3072:6e7WpMaxeb0CYJ97lEYNR73e+eKZOf7fHegeK:RqKvb0CYJ973e+eKZOf7fHP3

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  02d29a089d89f9a1a0d3a63aa261d400N.exe
- Size
  
  106KB
- MD5
  
  02d29a089d89f9a1a0d3a63aa261d400
- SHA1
  
  e00d36052dff1a64073227f78bbe3090b467dc18
- SHA256
  
  8776b97a486543584a6a4008e43fa31da3dfef867ac15b35ea5108f07ec133d0
- SHA512
  
  a753cb5b8352bed1a8b01976f3cab47470d8524bd09cda8478e8360871ed3b16c049b2167602adc1465540229e79cb7111676e0aa94dfae0bba83508d2645c86
- SSDEEP
  
  3072:6e7WpMaxeb0CYJ97lEYNR73e+eKZOf7fHegeK:RqKvb0CYJ973e+eKZOf7fHP3
Score

9^/10

discovery ransomware
- Renames multiple (3181) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware