03307d10f6918d76d1d02f1f283eba527ac1c461f0b835ee7120c0e46dbb8218 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

03307d10f6918d76d1d02f1f283eba527ac1c461f0b835ee7120c0e46dbb8218
Size

87KB
Sample

240805-wvh9ksxfnc
MD5

886744e864b578fe8fee06c898f05963
SHA1

f2688c22717419edf07546486415c27cfeb8c466
SHA256

03307d10f6918d76d1d02f1f283eba527ac1c461f0b835ee7120c0e46dbb8218
SHA512

47ee0a4386ba4615d888e20e85991937411fa7d24f46dc06cae2bec1f93e2e9bee4754a5a34c4bd54605043753ab1343d9b03eb394eb71ece3c878c82555f671
SSDEEP

1536:W7ZppApBULcfpHLcfpyDj7ZppApBULcfpHLcfpyD3tZ4v:6pWpBwchcwDBpWpBwchcwD3tZ4v

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  03307d10f6918d76d1d02f1f283eba527ac1c461f0b835ee7120c0e46dbb8218
- Size
  
  87KB
- MD5
  
  886744e864b578fe8fee06c898f05963
- SHA1
  
  f2688c22717419edf07546486415c27cfeb8c466
- SHA256
  
  03307d10f6918d76d1d02f1f283eba527ac1c461f0b835ee7120c0e46dbb8218
- SHA512
  
  47ee0a4386ba4615d888e20e85991937411fa7d24f46dc06cae2bec1f93e2e9bee4754a5a34c4bd54605043753ab1343d9b03eb394eb71ece3c878c82555f671
- SSDEEP
  
  1536:W7ZppApBULcfpHLcfpyDj7ZppApBULcfpHLcfpyD3tZ4v:6pWpBwchcwDBpWpBwchcwD3tZ4v
Score

9^/10

discovery ransomware
- Renames multiple (4896) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware