f40287e4d2755f4afbbad91b5e65279ce9e9704d7cb859573bc21d1ba2d4bc31 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f40287e4d2755f4afbbad91b5e65279ce9e9704d7cb859573bc21d1ba2d4bc31
Size

196KB
Sample

240810-e5z7eazejg
MD5

b5f346e3f61cfe19a8b19c8e8accf88b
SHA1

1459383cb0a6ae152ecc6a4542df842715ad10d8
SHA256

f40287e4d2755f4afbbad91b5e65279ce9e9704d7cb859573bc21d1ba2d4bc31
SHA512

37455ec69eae483264b92d0f3320953849316487763b84cbae9802a8873f43846311793bc137cd844cdb5ff36359545d11efd54eb8dd1f2d8ee825d2c52cb11f
SSDEEP

3072:6pWpUFpEhLfyBtPf50FWkFpPDze/qFsxEhLfyBtPf50FWkFpPDze/qFslEhLfyBZ:PqFF2Ie+effygqFF2Ie+effyD

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  f40287e4d2755f4afbbad91b5e65279ce9e9704d7cb859573bc21d1ba2d4bc31
- Size
  
  196KB
- MD5
  
  b5f346e3f61cfe19a8b19c8e8accf88b
- SHA1
  
  1459383cb0a6ae152ecc6a4542df842715ad10d8
- SHA256
  
  f40287e4d2755f4afbbad91b5e65279ce9e9704d7cb859573bc21d1ba2d4bc31
- SHA512
  
  37455ec69eae483264b92d0f3320953849316487763b84cbae9802a8873f43846311793bc137cd844cdb5ff36359545d11efd54eb8dd1f2d8ee825d2c52cb11f
- SSDEEP
  
  3072:6pWpUFpEhLfyBtPf50FWkFpPDze/qFsxEhLfyBtPf50FWkFpPDze/qFslEhLfyBZ:PqFF2Ie+effygqFF2Ie+effyD
Score

9^/10

discovery ransomware
- Renames multiple (4492) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware