0673ee5845d7a8cd78c7eeec6157feaa9977ef193842f8d589a2866a2ef43fcf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0673ee5845d7a8cd78c7eeec6157feaa9977ef193842f8d589a2866a2ef43fcf
Size

98KB
Sample

240806-w12ccazeme
MD5

97c8b222e6f33aad7772bde5355edbcb
SHA1

9c0b49904da7dbcd375f382f4dd1b69db3ef6986
SHA256

0673ee5845d7a8cd78c7eeec6157feaa9977ef193842f8d589a2866a2ef43fcf
SHA512

6aeddcb8d27ed5fb6b223e2187e42a76efb3122c080d930d9bb5a56aed9519003a3d699acb776d1952370939808bbf2f1f8443b2b92b043c73b948b56f41c8fa
SSDEEP

768:W7BlpppARFbhbt7Y7wTCIofQOiJfofQOiJpQ/Q2Yv7BlpppARFbhbt7Y7wTCIofU:W7ZppApqHMsPYv7ZppApqHMsPYj

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  0673ee5845d7a8cd78c7eeec6157feaa9977ef193842f8d589a2866a2ef43fcf
- Size
  
  98KB
- MD5
  
  97c8b222e6f33aad7772bde5355edbcb
- SHA1
  
  9c0b49904da7dbcd375f382f4dd1b69db3ef6986
- SHA256
  
  0673ee5845d7a8cd78c7eeec6157feaa9977ef193842f8d589a2866a2ef43fcf
- SHA512
  
  6aeddcb8d27ed5fb6b223e2187e42a76efb3122c080d930d9bb5a56aed9519003a3d699acb776d1952370939808bbf2f1f8443b2b92b043c73b948b56f41c8fa
- SSDEEP
  
  768:W7BlpppARFbhbt7Y7wTCIofQOiJfofQOiJpQ/Q2Yv7BlpppARFbhbt7Y7wTCIofU:W7ZppApqHMsPYv7ZppApqHMsPYj
Score

9^/10

discovery ransomware
- Renames multiple (5636) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware