5581873ab02f4a0d5914c2efa5000e5e73aeb486354382f57e2a734b64e74bde | Triage

Sharing

General

Target

310c6fef9d3a320ee04c31cc1bdcb9a0N.exe
Size

60KB
Sample

240802-bp6gpsxbkj
MD5

310c6fef9d3a320ee04c31cc1bdcb9a0
SHA1

aa57ad05042ada64fdd45b796b18cb7828fade81
SHA256

5581873ab02f4a0d5914c2efa5000e5e73aeb486354382f57e2a734b64e74bde
SHA512

4741660b62b3da1c8c469e6c28bd7128c1d02dcd630c82cabe17b972740d85ba4a723e9560e8c2711444bfb19eca118a7995016bdb40a1fb57b715c001c7dca1
SSDEEP

768:/7BlpQpARFbhIYJIJDYJIJPfFpsJcFfFpsJcC+3mC+3meDAfABJ6fABJwEXB3:/7ZQpApze+eJfFpsJOfFpsJ5Dv

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  310c6fef9d3a320ee04c31cc1bdcb9a0N.exe
- Size
  
  60KB
- MD5
  
  310c6fef9d3a320ee04c31cc1bdcb9a0
- SHA1
  
  aa57ad05042ada64fdd45b796b18cb7828fade81
- SHA256
  
  5581873ab02f4a0d5914c2efa5000e5e73aeb486354382f57e2a734b64e74bde
- SHA512
  
  4741660b62b3da1c8c469e6c28bd7128c1d02dcd630c82cabe17b972740d85ba4a723e9560e8c2711444bfb19eca118a7995016bdb40a1fb57b715c001c7dca1
- SSDEEP
  
  768:/7BlpQpARFbhIYJIJDYJIJPfFpsJcFfFpsJcC+3mC+3meDAfABJ6fABJwEXB3:/7ZQpApze+eJfFpsJOfFpsJ5Dv
Score

9^/10

discovery ransomware
- Renames multiple (4651) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoveryransomware