4469794c294997ee7152982d6a06996841f4c2c5bb2be355124167d6ccfaaf98 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7bf55a05526a29e56aaf575243d59790N.exe
Size

50KB
Sample

240807-g9nqaawhmc
MD5

7bf55a05526a29e56aaf575243d59790
SHA1

e55228447a2d4992371c1c7e0f4419c537945363
SHA256

4469794c294997ee7152982d6a06996841f4c2c5bb2be355124167d6ccfaaf98
SHA512

d5f2ab37cd5a4bd933735bf34e1b7e9e2252664c903f9bc3fed02aa0b5e47c493d7fa924d5397147c4b1ec5cd1721b725263dc8321a7528be0db1de5a7e14402
SSDEEP

768:/7BlpQpARFbhn54fmiy+3BVr54fmiy+3BV6nE101/:/7ZQpApmi6n9

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  7bf55a05526a29e56aaf575243d59790N.exe
- Size
  
  50KB
- MD5
  
  7bf55a05526a29e56aaf575243d59790
- SHA1
  
  e55228447a2d4992371c1c7e0f4419c537945363
- SHA256
  
  4469794c294997ee7152982d6a06996841f4c2c5bb2be355124167d6ccfaaf98
- SHA512
  
  d5f2ab37cd5a4bd933735bf34e1b7e9e2252664c903f9bc3fed02aa0b5e47c493d7fa924d5397147c4b1ec5cd1721b725263dc8321a7528be0db1de5a7e14402
- SSDEEP
  
  768:/7BlpQpARFbhn54fmiy+3BVr54fmiy+3BV6nE101/:/7ZQpApmi6n9
Score

9^/10

discovery ransomware
- Renames multiple (3377) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware