364a2187da7dcb3c8093dd1f54ab6137391a1248b39b95b949a917e35ca90f13 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

691eeaf8a16cffe9511e7fc3b2ae2b30N.exe
Size

44KB
Sample

240803-h27zmawerq
MD5

691eeaf8a16cffe9511e7fc3b2ae2b30
SHA1

215a2eef0157c93f2cd84cc43d6daba22af0fdbb
SHA256

364a2187da7dcb3c8093dd1f54ab6137391a1248b39b95b949a917e35ca90f13
SHA512

bd4d682ae217a6eefd9eb8260104fcc9855a6e42ea6b031102cec7246b1d9d0bba672fddefcae638f998858f1fa73facda9485339703f1ac9d3b8ca4f650438f
SSDEEP

768:W7BlpppARFbhHFoqAJwBqAJw1VyjVy1CQCm:W7ZppApyVyjVy1CQCm

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  691eeaf8a16cffe9511e7fc3b2ae2b30N.exe
- Size
  
  44KB
- MD5
  
  691eeaf8a16cffe9511e7fc3b2ae2b30
- SHA1
  
  215a2eef0157c93f2cd84cc43d6daba22af0fdbb
- SHA256
  
  364a2187da7dcb3c8093dd1f54ab6137391a1248b39b95b949a917e35ca90f13
- SHA512
  
  bd4d682ae217a6eefd9eb8260104fcc9855a6e42ea6b031102cec7246b1d9d0bba672fddefcae638f998858f1fa73facda9485339703f1ac9d3b8ca4f650438f
- SSDEEP
  
  768:W7BlpppARFbhHFoqAJwBqAJw1VyjVy1CQCm:W7ZppApyVyjVy1CQCm
Score

9^/10

discovery ransomware
- Renames multiple (3249) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware