a791bfcb06230afc0943a597a4c8b02fc64ade9395f3b79564c299fcf9cdfd98 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a791bfcb06230afc0943a597a4c8b02fc64ade9395f3b79564c299fcf9cdfd98
Size

34KB
Sample

240813-26nlbswajj
MD5

6bfb04858152de5d46298a316c2e51d8
SHA1

37c203f94814b02e1f606976028bb6db388d64ad
SHA256

a791bfcb06230afc0943a597a4c8b02fc64ade9395f3b79564c299fcf9cdfd98
SHA512

31257adaca022273e4563a9fe4420f7bd49c7c5192e27eee9e27886cd75c1e8d8746be1b1562ad879aae6336b7dcf17af106aad9f762e228d6487d42a42789e7
SSDEEP

384:GBt7Br5xjL9AgA71Fbhv7bhvo42L5FgAytBpR42L5FgAytBpKU:W7BlpppARFbhjbhg42LcfpR42LcfpKU

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  a791bfcb06230afc0943a597a4c8b02fc64ade9395f3b79564c299fcf9cdfd98
- Size
  
  34KB
- MD5
  
  6bfb04858152de5d46298a316c2e51d8
- SHA1
  
  37c203f94814b02e1f606976028bb6db388d64ad
- SHA256
  
  a791bfcb06230afc0943a597a4c8b02fc64ade9395f3b79564c299fcf9cdfd98
- SHA512
  
  31257adaca022273e4563a9fe4420f7bd49c7c5192e27eee9e27886cd75c1e8d8746be1b1562ad879aae6336b7dcf17af106aad9f762e228d6487d42a42789e7
- SSDEEP
  
  384:GBt7Br5xjL9AgA71Fbhv7bhvo42L5FgAytBpR42L5FgAytBpKU:W7BlpppARFbhjbhg42LcfpR42LcfpKU
Score

9^/10

discovery ransomware
- Renames multiple (4110) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware