4f117faa3fe39ba15412da0470201282b156a2c20a540167b31fcc506e6ab63f | Triage

Sharing

General

Target

4d0403ef8b35673147b96a9b0ec57270N.exe
Size

96KB
Sample

240814-flb6xasajj
MD5

4d0403ef8b35673147b96a9b0ec57270
SHA1

2ef1e39b46daf5cf01262ec62cf46e53816964e8
SHA256

4f117faa3fe39ba15412da0470201282b156a2c20a540167b31fcc506e6ab63f
SHA512

ae3af10ea8943326266b78ad0a03c9c6ff1621819e210b0a2de09c0e8f4867345068934d8a3559ef5ea4ed61e6a5f4e4a26d6d22771b5ad6e3b2ad4638a1dabf
SSDEEP

1536:W7ZhA7pApw03vR03v1SsWZ7ZhA7pApw03vR03v1SsWl:6e7WpwYRY1SFe7WpwYRY1ST

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  4d0403ef8b35673147b96a9b0ec57270N.exe
- Size
  
  96KB
- MD5
  
  4d0403ef8b35673147b96a9b0ec57270
- SHA1
  
  2ef1e39b46daf5cf01262ec62cf46e53816964e8
- SHA256
  
  4f117faa3fe39ba15412da0470201282b156a2c20a540167b31fcc506e6ab63f
- SHA512
  
  ae3af10ea8943326266b78ad0a03c9c6ff1621819e210b0a2de09c0e8f4867345068934d8a3559ef5ea4ed61e6a5f4e4a26d6d22771b5ad6e3b2ad4638a1dabf
- SSDEEP
  
  1536:W7ZhA7pApw03vR03v1SsWZ7ZhA7pApw03vR03v1SsWl:6e7WpwYRY1SFe7WpwYRY1ST
Score

9^/10

discovery ransomware
- Renames multiple (4815) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware