2ec9d96416cb26eb3d4db5bc7bd9dadf2415f982f6f17fe3965fb70f21763522 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2ec9d96416cb26eb3d4db5bc7bd9dadf2415f982f6f17fe3965fb70f21763522
Size

88KB
Sample

240811-ynlr8szanb
MD5

01dbd8005e2bf43c4a1fd91f38ecd780
SHA1

b55c2f236ddd8f778afb01721e1f9afd49cb4f09
SHA256

2ec9d96416cb26eb3d4db5bc7bd9dadf2415f982f6f17fe3965fb70f21763522
SHA512

88871899e512fcaa952527ae7a24d350e1636b6e9ca6ce16a76617bcc435a923f2d27b7a8699c2a9f2af5957ad103312e6c8cd0479503a8cd056f9df0151228f
SSDEEP

1536:W7ZppApUFpEhLfyBtPf50FWkFpPDze/qFsxEhLfyBtPf50FWkFpPDze/qFsAcEhk:6pWpUFpEhLfyBtPf50FWkFpPDze/qFsV

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  2ec9d96416cb26eb3d4db5bc7bd9dadf2415f982f6f17fe3965fb70f21763522
- Size
  
  88KB
- MD5
  
  01dbd8005e2bf43c4a1fd91f38ecd780
- SHA1
  
  b55c2f236ddd8f778afb01721e1f9afd49cb4f09
- SHA256
  
  2ec9d96416cb26eb3d4db5bc7bd9dadf2415f982f6f17fe3965fb70f21763522
- SHA512
  
  88871899e512fcaa952527ae7a24d350e1636b6e9ca6ce16a76617bcc435a923f2d27b7a8699c2a9f2af5957ad103312e6c8cd0479503a8cd056f9df0151228f
- SSDEEP
  
  1536:W7ZppApUFpEhLfyBtPf50FWkFpPDze/qFsxEhLfyBtPf50FWkFpPDze/qFsAcEhk:6pWpUFpEhLfyBtPf50FWkFpPDze/qFsV
Score

9^/10

discovery ransomware
- Renames multiple (3569) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware