3c0429eeb81a3f84e9202e2d7ae227ef18d076a56d2a28809925d74857491508 | Triage

Sharing

General

Target

5d171b1796440117083007c9c25683a0N.exe
Size

58KB
Sample

240803-grsxaazelf
MD5

5d171b1796440117083007c9c25683a0
SHA1

5b0113836070616e4cd080dea3a5a36f3b4e6af7
SHA256

3c0429eeb81a3f84e9202e2d7ae227ef18d076a56d2a28809925d74857491508
SHA512

41bbf4a25c597c4096e0d9e0ca70ac8fe44f04d1ce5c03db7974445d8f2079317c60ea9ac84e774d125ed08a7ff9bb795f4868aa3dd49b9e6acd38c64ef78d81
SSDEEP

1536:W7ZppApcZ/D5zf6ydyf+abMkF24kzK3jbrCkoRWNkzZ/D5zf6ydyf+abMkF24kz8:6pWpcZ/D5zf6ydyf+abMkF24kzK3jbrr

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  5d171b1796440117083007c9c25683a0N.exe
- Size
  
  58KB
- MD5
  
  5d171b1796440117083007c9c25683a0
- SHA1
  
  5b0113836070616e4cd080dea3a5a36f3b4e6af7
- SHA256
  
  3c0429eeb81a3f84e9202e2d7ae227ef18d076a56d2a28809925d74857491508
- SHA512
  
  41bbf4a25c597c4096e0d9e0ca70ac8fe44f04d1ce5c03db7974445d8f2079317c60ea9ac84e774d125ed08a7ff9bb795f4868aa3dd49b9e6acd38c64ef78d81
- SSDEEP
  
  1536:W7ZppApcZ/D5zf6ydyf+abMkF24kzK3jbrCkoRWNkzZ/D5zf6ydyf+abMkF24kz8:6pWpcZ/D5zf6ydyf+abMkF24kzK3jbrr
Score

9^/10

discovery ransomware
- Renames multiple (3424) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware