78ea863a5fe951a387f9feba18881f8eec9b8c6f4ac4d0c1cc5d08a259635ea3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

78ea863a5fe951a387f9feba18881f8eec9b8c6f4ac4d0c1cc5d08a259635ea3
Size

258KB
Sample

240810-23f23sxbph
MD5

ce56cf0728474160a584bd295c9dc9f9
SHA1

b35d4f1e199a4080c2bef96857e80a7d5231eea5
SHA256

78ea863a5fe951a387f9feba18881f8eec9b8c6f4ac4d0c1cc5d08a259635ea3
SHA512

d55fd5e947a02357e4ede2e48e7a71f66986f4da0ca039b5839fd5eb6976963631ceefb4cf269d0c6b1f2a77ebeffc840e38a81e2365d2a207f432ca746ac110
SSDEEP

6144:AonmhNYRP4V7bh3tspT4uK3Lp/lDHxY+a:XnmhNYP4Jbh3tspELFhHja

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  78ea863a5fe951a387f9feba18881f8eec9b8c6f4ac4d0c1cc5d08a259635ea3
- Size
  
  258KB
- MD5
  
  ce56cf0728474160a584bd295c9dc9f9
- SHA1
  
  b35d4f1e199a4080c2bef96857e80a7d5231eea5
- SHA256
  
  78ea863a5fe951a387f9feba18881f8eec9b8c6f4ac4d0c1cc5d08a259635ea3
- SHA512
  
  d55fd5e947a02357e4ede2e48e7a71f66986f4da0ca039b5839fd5eb6976963631ceefb4cf269d0c6b1f2a77ebeffc840e38a81e2365d2a207f432ca746ac110
- SSDEEP
  
  6144:AonmhNYRP4V7bh3tspT4uK3Lp/lDHxY+a:XnmhNYP4Jbh3tspELFhHja
Score

9^/10

discovery ransomware
- Renames multiple (332) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware