e49098ba60e6b647b46ce28895422c4d849eeb9ab5c395a0a84f7e9bebd34ee1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3bfc018a567c570a79f6edb36672bc00N.exe
Size

58KB
Sample

240807-bhpwdawerj
MD5

3bfc018a567c570a79f6edb36672bc00
SHA1

21141d89f96d76a393acb581b6e000f9a2442c94
SHA256

e49098ba60e6b647b46ce28895422c4d849eeb9ab5c395a0a84f7e9bebd34ee1
SHA512

51946fc3ede9b461ea3dab3f93442622b624e41678dcff64d4b2d8ad59bfaf10c8c88c4b02732a3cc57e13ef9286b3a80971ac9fa208c3fc73ae71b98ee0cf9a
SSDEEP

768:/7BlpQpARFbhIYJIJDYJIJxfFpsJcEKLF/MF/28HaT9PP9PH:/7ZQpApze+ejfFpsJPKZ2e8HaT9B

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  3bfc018a567c570a79f6edb36672bc00N.exe
- Size
  
  58KB
- MD5
  
  3bfc018a567c570a79f6edb36672bc00
- SHA1
  
  21141d89f96d76a393acb581b6e000f9a2442c94
- SHA256
  
  e49098ba60e6b647b46ce28895422c4d849eeb9ab5c395a0a84f7e9bebd34ee1
- SHA512
  
  51946fc3ede9b461ea3dab3f93442622b624e41678dcff64d4b2d8ad59bfaf10c8c88c4b02732a3cc57e13ef9286b3a80971ac9fa208c3fc73ae71b98ee0cf9a
- SSDEEP
  
  768:/7BlpQpARFbhIYJIJDYJIJxfFpsJcEKLF/MF/28HaT9PP9PH:/7ZQpApze+ejfFpsJPKZ2e8HaT9B
Score

9^/10

discovery ransomware
- Renames multiple (3274) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware