0a1309012a4bf9e028e1e6037a6443a4f27445ffd7e0107fba40ce0a56c73e06 | Triage

Sharing

General

Target

0a1309012a4bf9e028e1e6037a6443a4f27445ffd7e0107fba40ce0a56c73e06
Size

196KB
Sample

240802-w4nweszdqd
MD5

bf173a8a59a178e67b43dc26c02407c7
SHA1

da362f7b41035776f0fe902d0d751d4a37a8df71
SHA256

0a1309012a4bf9e028e1e6037a6443a4f27445ffd7e0107fba40ce0a56c73e06
SHA512

cefed7996f480f433ee7ea7430482a8b2c826368bdf7bc701a0dc97e7645042690e9bed17828fd45784ce7cabbe8abcfccbbd3eb9e89d3f59233d207e153fe84
SSDEEP

3072:6e7WpMNca3rytOkWpXfnYRl2l/9HSFHzJ0lBJTzk6:RqKB+tOkWKR0iJ0lTzk6

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  0a1309012a4bf9e028e1e6037a6443a4f27445ffd7e0107fba40ce0a56c73e06
- Size
  
  196KB
- MD5
  
  bf173a8a59a178e67b43dc26c02407c7
- SHA1
  
  da362f7b41035776f0fe902d0d751d4a37a8df71
- SHA256
  
  0a1309012a4bf9e028e1e6037a6443a4f27445ffd7e0107fba40ce0a56c73e06
- SHA512
  
  cefed7996f480f433ee7ea7430482a8b2c826368bdf7bc701a0dc97e7645042690e9bed17828fd45784ce7cabbe8abcfccbbd3eb9e89d3f59233d207e153fe84
- SSDEEP
  
  3072:6e7WpMNca3rytOkWpXfnYRl2l/9HSFHzJ0lBJTzk6:RqKB+tOkWKR0iJ0lTzk6
Score

9^/10

discovery ransomware
- Renames multiple (3265) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware