5081dc05b277e6f0408e5d5fc99208ce29229f8c1edabf753cbd6e9b015106dd | Triage

Sharing

General

Target

5081dc05b277e6f0408e5d5fc99208ce29229f8c1edabf753cbd6e9b015106dd
Size

70KB
Sample

240808-z57lpstekh
MD5

547cb249b9ea5f62acc7285d4bdea873
SHA1

6a04cf0f71ec1cd0eea61758c13f1066918d993e
SHA256

5081dc05b277e6f0408e5d5fc99208ce29229f8c1edabf753cbd6e9b015106dd
SHA512

e095cc377592ecc9096c363fb67c5ba76462754083700b8dd36ac73214111c5fe58bfd1e20e5a6d393c4249f4a5e5e415521ffab828421a54eeecda815d37cb5
SSDEEP

384:yBs7Br5xjL8AgA71FbhvJUfWGUf2X5nUYXxX5nUYXRMORnORU:/7BlpQpARFbhiWbs5nd5npMORnORU

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  5081dc05b277e6f0408e5d5fc99208ce29229f8c1edabf753cbd6e9b015106dd
- Size
  
  70KB
- MD5
  
  547cb249b9ea5f62acc7285d4bdea873
- SHA1
  
  6a04cf0f71ec1cd0eea61758c13f1066918d993e
- SHA256
  
  5081dc05b277e6f0408e5d5fc99208ce29229f8c1edabf753cbd6e9b015106dd
- SHA512
  
  e095cc377592ecc9096c363fb67c5ba76462754083700b8dd36ac73214111c5fe58bfd1e20e5a6d393c4249f4a5e5e415521ffab828421a54eeecda815d37cb5
- SSDEEP
  
  384:yBs7Br5xjL8AgA71FbhvJUfWGUf2X5nUYXxX5nUYXRMORnORU:/7BlpQpARFbhiWbs5nd5npMORnORU
Score

9^/10

discovery ransomware
- Renames multiple (3746) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware