7ca58c728db7f5d888711064a4775ecc9f457e4c1d23c205e27980d3e05c0c24 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9cd8db06cdddbaaa305121523ae6f430N.exe
Size

50KB
Sample

240805-rlz4hssdmh
MD5

9cd8db06cdddbaaa305121523ae6f430
SHA1

aba910238fb4138fecb652cc9cbb769c0d21345a
SHA256

7ca58c728db7f5d888711064a4775ecc9f457e4c1d23c205e27980d3e05c0c24
SHA512

b537c11b2ee1218e5e2d30eb651b330fb9496557403d748a7b5b44a3440f6ec88fdfa05368ad277eedfdd3cb34d266c99c80b16fefe8a59f2a30a291f49e4063
SSDEEP

768:W7BlpppARFbhjbhg42LcfpR42LcfproFNFew/DbAGw/DbAFTTi2v5TTi2ve:W7ZppApBULcfpHLcfpyDoAFTrT4

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  9cd8db06cdddbaaa305121523ae6f430N.exe
- Size
  
  50KB
- MD5
  
  9cd8db06cdddbaaa305121523ae6f430
- SHA1
  
  aba910238fb4138fecb652cc9cbb769c0d21345a
- SHA256
  
  7ca58c728db7f5d888711064a4775ecc9f457e4c1d23c205e27980d3e05c0c24
- SHA512
  
  b537c11b2ee1218e5e2d30eb651b330fb9496557403d748a7b5b44a3440f6ec88fdfa05368ad277eedfdd3cb34d266c99c80b16fefe8a59f2a30a291f49e4063
- SSDEEP
  
  768:W7BlpppARFbhjbhg42LcfpR42LcfproFNFew/DbAGw/DbAFTTi2v5TTi2ve:W7ZppApBULcfpHLcfpyDoAFTrT4
Score

9^/10

discovery ransomware
- Renames multiple (3251) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware