b71034ea84ade2a995b6e61243f985b7ff5c46840c62179902e4ecae133aa2f4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8a97420d70ab27949e25d3c48f74d700N.exe
Size

104KB
Sample

240802-lwwwysvbqp
MD5

8a97420d70ab27949e25d3c48f74d700
SHA1

53f5c19b1f62d54615c2ffb5f81238377db8e1cb
SHA256

b71034ea84ade2a995b6e61243f985b7ff5c46840c62179902e4ecae133aa2f4
SHA512

d401893f0907d51f59c95dcd2b89e19aaa4eef62d3b827104e0dffc7eb690f8f9c1d4510ce097df1e80a6e2eb6024f0dc21d6177585c28a32bb3fd84d12dc689
SSDEEP

3072:6e7WpMaxeb0CYJ97lEYNR73e+eKZOf7fGimiR:RqKvb0CYJ973e+eKZOf7fGHy

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  8a97420d70ab27949e25d3c48f74d700N.exe
- Size
  
  104KB
- MD5
  
  8a97420d70ab27949e25d3c48f74d700
- SHA1
  
  53f5c19b1f62d54615c2ffb5f81238377db8e1cb
- SHA256
  
  b71034ea84ade2a995b6e61243f985b7ff5c46840c62179902e4ecae133aa2f4
- SHA512
  
  d401893f0907d51f59c95dcd2b89e19aaa4eef62d3b827104e0dffc7eb690f8f9c1d4510ce097df1e80a6e2eb6024f0dc21d6177585c28a32bb3fd84d12dc689
- SSDEEP
  
  3072:6e7WpMaxeb0CYJ97lEYNR73e+eKZOf7fGimiR:RqKvb0CYJ973e+eKZOf7fGHy
Score

9^/10

discovery ransomware
- Renames multiple (3165) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware