ce88bb9d0eeb97c930ae5e3c541b5e4e96f3a1b90f74cdd2e92e29770cfc499d | Triage

Sharing

General

Target

682b9d802e02c67014f68c7ad6c05950N.exe
Size

42KB
Sample

240802-g5p3jszhqp
MD5

682b9d802e02c67014f68c7ad6c05950
SHA1

ab4f98c7e5f37773b38c56962ffd60ae81002d74
SHA256

ce88bb9d0eeb97c930ae5e3c541b5e4e96f3a1b90f74cdd2e92e29770cfc499d
SHA512

d76f4ee94d33f9082b3ed7a3f6e381491ca399c3bf423816931d0a96551d329e587e63431b243fd6a56afb9bec7bda653392653ca92034d1ea10a9ad2f96e002
SSDEEP

384:GBt7Br5xjL9AgA71FbhvuNBN10wpAp/lvolGClvolGwTCus7sczBEQgQg:W7BlpppARFbhbt7Y7wTCnBE3X

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  682b9d802e02c67014f68c7ad6c05950N.exe
- Size
  
  42KB
- MD5
  
  682b9d802e02c67014f68c7ad6c05950
- SHA1
  
  ab4f98c7e5f37773b38c56962ffd60ae81002d74
- SHA256
  
  ce88bb9d0eeb97c930ae5e3c541b5e4e96f3a1b90f74cdd2e92e29770cfc499d
- SHA512
  
  d76f4ee94d33f9082b3ed7a3f6e381491ca399c3bf423816931d0a96551d329e587e63431b243fd6a56afb9bec7bda653392653ca92034d1ea10a9ad2f96e002
- SSDEEP
  
  384:GBt7Br5xjL9AgA71FbhvuNBN10wpAp/lvolGClvolGwTCus7sczBEQgQg:W7BlpppARFbhbt7Y7wTCnBE3X
Score

9^/10

discovery ransomware
- Renames multiple (3447) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware