13d3dafbc391f58da70574b98a5ad1636b67a4c497a908151c5d5aab2a69fde1 | Triage

Sharing

General

Target

13d3dafbc391f58da70574b98a5ad1636b67a4c497a908151c5d5aab2a69fde1
Size

83KB
Sample

240810-xlg6lasgpq
MD5

8be81353ad6ea357a7d893e8380c1993
SHA1

5db97b29ee4433c74db1f33318a30e2fdb4a9693
SHA256

13d3dafbc391f58da70574b98a5ad1636b67a4c497a908151c5d5aab2a69fde1
SHA512

2170b7b31d09272f7d45eae56ee9d935e99b97eee9c05c531217f98bc8d30efdfb54fa11e7d2caac399f9ff86bb28f44ae1cae119afb5a5f757830b3e1f2a3b9
SSDEEP

1536:W7ZppApB7laKa4aKaW7ZppApB7laKa4aKapekXekr:6pWpB7rpWpB7QFh

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  13d3dafbc391f58da70574b98a5ad1636b67a4c497a908151c5d5aab2a69fde1
- Size
  
  83KB
- MD5
  
  8be81353ad6ea357a7d893e8380c1993
- SHA1
  
  5db97b29ee4433c74db1f33318a30e2fdb4a9693
- SHA256
  
  13d3dafbc391f58da70574b98a5ad1636b67a4c497a908151c5d5aab2a69fde1
- SHA512
  
  2170b7b31d09272f7d45eae56ee9d935e99b97eee9c05c531217f98bc8d30efdfb54fa11e7d2caac399f9ff86bb28f44ae1cae119afb5a5f757830b3e1f2a3b9
- SSDEEP
  
  1536:W7ZppApB7laKa4aKaW7ZppApB7laKa4aKapekXekr:6pWpB7rpWpB7QFh
Score

9^/10

discovery ransomware
- Renames multiple (4102) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware