2d9e04a98d108c90055a6c3355c27453392561208e49dd40e8e8ca1b3c736dff | Triage

Sharing

General

Target

3ff4839801f94011a0e588c36b9d9500N.exe
Size

87KB
Sample

240802-c4g84awbrd
MD5

3ff4839801f94011a0e588c36b9d9500
SHA1

5119fc7575ed5913050df6daacdad7e016069ebb
SHA256

2d9e04a98d108c90055a6c3355c27453392561208e49dd40e8e8ca1b3c736dff
SHA512

0ba20088a57c8d580c7385fb87c5461cf3b91492015e42b85f986acf1e7e73404daa66f811bd03e4b906f129b035669ddecb546357aa64d812268a1c3f202b57
SSDEEP

768:W7BlpppARFbhbt7Y7wTCIofQOiJfofQOiJ77BlpppARFbhbt7Y7wTCIofQOiJfoL:W7ZppApqHI7ZppApqHT

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  3ff4839801f94011a0e588c36b9d9500N.exe
- Size
  
  87KB
- MD5
  
  3ff4839801f94011a0e588c36b9d9500
- SHA1
  
  5119fc7575ed5913050df6daacdad7e016069ebb
- SHA256
  
  2d9e04a98d108c90055a6c3355c27453392561208e49dd40e8e8ca1b3c736dff
- SHA512
  
  0ba20088a57c8d580c7385fb87c5461cf3b91492015e42b85f986acf1e7e73404daa66f811bd03e4b906f129b035669ddecb546357aa64d812268a1c3f202b57
- SSDEEP
  
  768:W7BlpppARFbhbt7Y7wTCIofQOiJfofQOiJ77BlpppARFbhbt7Y7wTCIofQOiJfoL:W7ZppApqHI7ZppApqHT
Score

9^/10

discovery ransomware
- Renames multiple (3857) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware