45da1ce857ed660db6b3bf240852dc1bbbec8019f079ac54299f5e722b4e2711 | Triage

Sharing

General

Target

98401b589cbcff784df3cf24ce661b90N.exe
Size

119KB
Sample

240807-kzh9lawdjq
MD5

98401b589cbcff784df3cf24ce661b90
SHA1

8ef4bc250429efd963debc95b06bad3e000584d3
SHA256

45da1ce857ed660db6b3bf240852dc1bbbec8019f079ac54299f5e722b4e2711
SHA512

79cee12ac7bba83109c1f27c875037c6a3ae51dda622698c1e085bbcf9c63bff53a742dd9180f3a240f8523d8f58adf6a3dc15055998962ed4e3962477d7074e
SSDEEP

1536:W7ZppApBULcfpHLcfpX2/Nw/Nwmx57ZppApBULcfpHLcfpX2/Nw/Nwmx4:6pWpBwchcV2WxjpWpBwchcV2Wx4

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  98401b589cbcff784df3cf24ce661b90N.exe
- Size
  
  119KB
- MD5
  
  98401b589cbcff784df3cf24ce661b90
- SHA1
  
  8ef4bc250429efd963debc95b06bad3e000584d3
- SHA256
  
  45da1ce857ed660db6b3bf240852dc1bbbec8019f079ac54299f5e722b4e2711
- SHA512
  
  79cee12ac7bba83109c1f27c875037c6a3ae51dda622698c1e085bbcf9c63bff53a742dd9180f3a240f8523d8f58adf6a3dc15055998962ed4e3962477d7074e
- SSDEEP
  
  1536:W7ZppApBULcfpHLcfpX2/Nw/Nwmx57ZppApBULcfpHLcfpX2/Nw/Nwmx4:6pWpBwchcV2WxjpWpBwchcV2Wx4
Score

9^/10

discovery ransomware
- Renames multiple (5042) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware