9f286c412224e8adf472b2f30fe4e591230d9acf05b92668bb04a32ecaa2097c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

14c828584f4bdbe15f0831fc8d297630N.exe
Size

115KB
Sample

240813-sm2t6s1bpg
MD5

14c828584f4bdbe15f0831fc8d297630
SHA1

f7f4ece49f9896b99bf8ba5483c95c11651f536c
SHA256

9f286c412224e8adf472b2f30fe4e591230d9acf05b92668bb04a32ecaa2097c
SHA512

fbcb974a430ead03fa34f7481ed41b34782161ebea739d43832a8956b55ee1fa7bbda1fea664d2616ee765e312ccb022fe5687330b6c3d47ae783fcab2cf8d55
SSDEEP

768:W7BlpppARFbhHFoqAJwBqAJw70EXBwzEXBwOvEJcvEJFTC7BlpppARFbhHFoqAJ+:W7ZppApqvZvITC7ZppApqvZvITd

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  14c828584f4bdbe15f0831fc8d297630N.exe
- Size
  
  115KB
- MD5
  
  14c828584f4bdbe15f0831fc8d297630
- SHA1
  
  f7f4ece49f9896b99bf8ba5483c95c11651f536c
- SHA256
  
  9f286c412224e8adf472b2f30fe4e591230d9acf05b92668bb04a32ecaa2097c
- SHA512
  
  fbcb974a430ead03fa34f7481ed41b34782161ebea739d43832a8956b55ee1fa7bbda1fea664d2616ee765e312ccb022fe5687330b6c3d47ae783fcab2cf8d55
- SSDEEP
  
  768:W7BlpppARFbhHFoqAJwBqAJw70EXBwzEXBwOvEJcvEJFTC7BlpppARFbhHFoqAJ+:W7ZppApqvZvITC7ZppApqvZvITd
Score

9^/10

discovery ransomware
- Renames multiple (467) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware