e955af7c49b1548edaa781f60ae8dfcfeac1a5a624c4b0f771e0795f01bd61ac | Triage

Sharing

General

Target

2e5eaafdfb958bf3f6a7f2c3672ed030N.exe
Size

50KB
Sample

240802-bfrxys1dnh
MD5

2e5eaafdfb958bf3f6a7f2c3672ed030
SHA1

0cfde6059a8baf47a5d2042bb3637959b89ac46c
SHA256

e955af7c49b1548edaa781f60ae8dfcfeac1a5a624c4b0f771e0795f01bd61ac
SHA512

a0f02dd9c9f921c0d47d95f873ef4ab9945926c0be05bc2f23c702710a8736f8cefa66b6d27ebf5229ca95aa9637dfb7ad8191dd36499fe87ac34bfa7beb5e0d
SSDEEP

384:GBt7Br5xjL9A7AgA71FbhvnIH2YsTKnKqtaW3WaEdW3WHY3SjSGNT:W7BlphA7pARFbhvOsTKnKqtkYi+GNT

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  2e5eaafdfb958bf3f6a7f2c3672ed030N.exe
- Size
  
  50KB
- MD5
  
  2e5eaafdfb958bf3f6a7f2c3672ed030
- SHA1
  
  0cfde6059a8baf47a5d2042bb3637959b89ac46c
- SHA256
  
  e955af7c49b1548edaa781f60ae8dfcfeac1a5a624c4b0f771e0795f01bd61ac
- SHA512
  
  a0f02dd9c9f921c0d47d95f873ef4ab9945926c0be05bc2f23c702710a8736f8cefa66b6d27ebf5229ca95aa9637dfb7ad8191dd36499fe87ac34bfa7beb5e0d
- SSDEEP
  
  384:GBt7Br5xjL9A7AgA71FbhvnIH2YsTKnKqtaW3WaEdW3WHY3SjSGNT:W7BlphA7pARFbhvOsTKnKqtkYi+GNT
Score

9^/10

discovery ransomware
- Renames multiple (331) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware