ef3cb958d895f5bfb8ef5ee697a06b3510dc39afb606679ca0490a38114f5130 | Triage

Sharing

General

Target

9344415643eff0e5ffb1e7acbdf5ad90N.exe
Size

100KB
Sample

240802-myfs7avhkp
MD5

9344415643eff0e5ffb1e7acbdf5ad90
SHA1

f7b56b5fa8db6c66977ac26c4c32cbd6965f3578
SHA256

ef3cb958d895f5bfb8ef5ee697a06b3510dc39afb606679ca0490a38114f5130
SHA512

6902add7e9400d8d64a3eb26a428ba1d7748af9da87f3bb8d8b52c66124d0227898b5edadf041fbbc468cd01d67a61426c62b327ba9e5b3828fb7ef29c6a3b3d
SSDEEP

3072:6e7WpMaxeb0CYJ97lEYNR73e+eKZ0VXa39:RqKvb0CYJ973e+eKZ0VI

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  9344415643eff0e5ffb1e7acbdf5ad90N.exe
- Size
  
  100KB
- MD5
  
  9344415643eff0e5ffb1e7acbdf5ad90
- SHA1
  
  f7b56b5fa8db6c66977ac26c4c32cbd6965f3578
- SHA256
  
  ef3cb958d895f5bfb8ef5ee697a06b3510dc39afb606679ca0490a38114f5130
- SHA512
  
  6902add7e9400d8d64a3eb26a428ba1d7748af9da87f3bb8d8b52c66124d0227898b5edadf041fbbc468cd01d67a61426c62b327ba9e5b3828fb7ef29c6a3b3d
- SSDEEP
  
  3072:6e7WpMaxeb0CYJ97lEYNR73e+eKZ0VXa39:RqKvb0CYJ973e+eKZ0VI
Score

9^/10

discovery ransomware
- Renames multiple (2884) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware