b39ccf008fcfdb6bb7a182ea1459198d9e78d0333bd3919f73d75c096f3f414a | Triage

Sharing

General

Target

b39ccf008fcfdb6bb7a182ea1459198d9e78d0333bd3919f73d75c096f3f414a
Size

118KB
Sample

240813-3kcsda1fmb
MD5

78a776ded72b82e2cc9b5716c46a96a3
SHA1

a63381055ae4bdbfb2b2f149bf58b72d34992d4c
SHA256

b39ccf008fcfdb6bb7a182ea1459198d9e78d0333bd3919f73d75c096f3f414a
SHA512

cd04d3770fc530cb0803121fbe15bd45a0c1150d15f034108694975c2450971fab0ed54dbe7accb866fea69173b264eef83c0e590b6f3f45c7ad0b6f0085f9d9
SSDEEP

768:W7BlpppARFbhHFoqAJwBqAJw70EXBwzEXBwOvEJcvEJFT07BlpppARFbhHFoqAJi:W7ZppApqvZvIT07ZppApqvZvITZ

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  b39ccf008fcfdb6bb7a182ea1459198d9e78d0333bd3919f73d75c096f3f414a
- Size
  
  118KB
- MD5
  
  78a776ded72b82e2cc9b5716c46a96a3
- SHA1
  
  a63381055ae4bdbfb2b2f149bf58b72d34992d4c
- SHA256
  
  b39ccf008fcfdb6bb7a182ea1459198d9e78d0333bd3919f73d75c096f3f414a
- SHA512
  
  cd04d3770fc530cb0803121fbe15bd45a0c1150d15f034108694975c2450971fab0ed54dbe7accb866fea69173b264eef83c0e590b6f3f45c7ad0b6f0085f9d9
- SSDEEP
  
  768:W7BlpppARFbhHFoqAJwBqAJw70EXBwzEXBwOvEJcvEJFT07BlpppARFbhHFoqAJi:W7ZppApqvZvIT07ZppApqvZvITZ
Score

9^/10

discovery ransomware
- Renames multiple (4990) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware