a749577f035f5eace53a3c4f38b7edea006ed9a2c47417acdc0cc5e6dbca0b87 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9a9ab521ba4e5ffddcc6fa93ef814230N.exe
Size

135KB
Sample

240806-nh66waxgjq
MD5

9a9ab521ba4e5ffddcc6fa93ef814230
SHA1

25a9868620c7214c11fe2c35d31298a6b9772198
SHA256

a749577f035f5eace53a3c4f38b7edea006ed9a2c47417acdc0cc5e6dbca0b87
SHA512

705bcda24827edbb900d68ca16998abe33f53422a6193f64f9ebbbb1efcb0c04d109c168007da1dbcc66c9d99ee3411984a78d6de1267a85f1c7a0fda2fbbaa8
SSDEEP

3072:6e7WpHIyRF9ESWu0SWuDmSXrw3Mtr0s8P43D:RqlIyFESWu0SWu2s8P43D

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  9a9ab521ba4e5ffddcc6fa93ef814230N.exe
- Size
  
  135KB
- MD5
  
  9a9ab521ba4e5ffddcc6fa93ef814230
- SHA1
  
  25a9868620c7214c11fe2c35d31298a6b9772198
- SHA256
  
  a749577f035f5eace53a3c4f38b7edea006ed9a2c47417acdc0cc5e6dbca0b87
- SHA512
  
  705bcda24827edbb900d68ca16998abe33f53422a6193f64f9ebbbb1efcb0c04d109c168007da1dbcc66c9d99ee3411984a78d6de1267a85f1c7a0fda2fbbaa8
- SSDEEP
  
  3072:6e7WpHIyRF9ESWu0SWuDmSXrw3Mtr0s8P43D:RqlIyFESWu0SWu2s8P43D
Score

9^/10

discovery ransomware
- Renames multiple (338) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware