583db884cc1be715a9cab3d83e3518403e880bce1caf4a04922461b64630f2b7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

30c586753957635101fb155f43f92b90N.exe
Size

43KB
Sample

240814-s1j7aazerh
MD5

30c586753957635101fb155f43f92b90
SHA1

a5c3a7f3488f84655fbc687f0fe58330d959e1c3
SHA256

583db884cc1be715a9cab3d83e3518403e880bce1caf4a04922461b64630f2b7
SHA512

8c30d826ff6ae35e13a895ef6d9a34084dea64e5a1e7005c083b0c2009bd827fa12e43d9ffdf9555bc0162c7ec5bac44be2297b6f0ee1665171aecb1bf32879f
SSDEEP

768:W7BlpppARFbhjbhg42LcfpR42LcfproFNFXpK5c5H/a:W7ZppApBULcfpHLcfpyDA6Q

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  30c586753957635101fb155f43f92b90N.exe
- Size
  
  43KB
- MD5
  
  30c586753957635101fb155f43f92b90
- SHA1
  
  a5c3a7f3488f84655fbc687f0fe58330d959e1c3
- SHA256
  
  583db884cc1be715a9cab3d83e3518403e880bce1caf4a04922461b64630f2b7
- SHA512
  
  8c30d826ff6ae35e13a895ef6d9a34084dea64e5a1e7005c083b0c2009bd827fa12e43d9ffdf9555bc0162c7ec5bac44be2297b6f0ee1665171aecb1bf32879f
- SSDEEP
  
  768:W7BlpppARFbhjbhg42LcfpR42LcfproFNFXpK5c5H/a:W7ZppApBULcfpHLcfpyDA6Q
Score

9^/10

discovery ransomware
- Renames multiple (3152) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware