1ee3d23456fe1c22e798655d92e09cdb77d8fde191b0fd7d95b63fe0b5afedb5 | Triage

Sharing

General

Target

864e87ea02132bee0873b0c3bca03f80N.exe
Size

72KB
Sample

240814-l9vaaawgjb
MD5

864e87ea02132bee0873b0c3bca03f80
SHA1

8e40d4e02791f4ddc3466af0c127500a227cd0ae
SHA256

1ee3d23456fe1c22e798655d92e09cdb77d8fde191b0fd7d95b63fe0b5afedb5
SHA512

226c1d8a6cec7dc08134260dff0e7bb6829e0fc6d145c6c3d052f98bd195f95e558d9a2197139c47c9dea5418ad66c6bbc96b43e9856638080423a3ab6c2cc4c
SSDEEP

768:W7BlpNLpARFbhblkYlkrt8PWGoPWGqMs1MsR5nd5nyQG+QGHnTVwnTVRiV:W7ZNLpApCZrt8PWGoPWGANdNykloziV

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  864e87ea02132bee0873b0c3bca03f80N.exe
- Size
  
  72KB
- MD5
  
  864e87ea02132bee0873b0c3bca03f80
- SHA1
  
  8e40d4e02791f4ddc3466af0c127500a227cd0ae
- SHA256
  
  1ee3d23456fe1c22e798655d92e09cdb77d8fde191b0fd7d95b63fe0b5afedb5
- SHA512
  
  226c1d8a6cec7dc08134260dff0e7bb6829e0fc6d145c6c3d052f98bd195f95e558d9a2197139c47c9dea5418ad66c6bbc96b43e9856638080423a3ab6c2cc4c
- SSDEEP
  
  768:W7BlpNLpARFbhblkYlkrt8PWGoPWGqMs1MsR5nd5nyQG+QGHnTVwnTVRiV:W7ZNLpApCZrt8PWGoPWGANdNykloziV
Score

9^/10

discovery ransomware
- Renames multiple (3097) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware