16faad7aa3947b98cb937830d93a2873fa05daaec0689b8f68e62dc43be7e2df | Triage

Sharing

General

Target

16faad7aa3947b98cb937830d93a2873fa05daaec0689b8f68e62dc43be7e2df
Size

50KB
Sample

240814-xt7q8atfnk
MD5

685b8cbadea0b02578c4ca01186b854e
SHA1

082340bb6fac0641fb38e3627be186c2f86563ef
SHA256

16faad7aa3947b98cb937830d93a2873fa05daaec0689b8f68e62dc43be7e2df
SHA512

f668b0a86ea03422afa443b53c081e5a60c6d1f1eeacf8d1498792417cc45dc8efc50f917eeca2e7dda162d48f0010a1c365bbd8bb3b0881f0335a3f9d27b2ce
SSDEEP

768:/7BlpQpARFbhn54fmiy+3BVr54fmiy+3BV6nkSI:/7ZQpApmi6nkSI

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  16faad7aa3947b98cb937830d93a2873fa05daaec0689b8f68e62dc43be7e2df
- Size
  
  50KB
- MD5
  
  685b8cbadea0b02578c4ca01186b854e
- SHA1
  
  082340bb6fac0641fb38e3627be186c2f86563ef
- SHA256
  
  16faad7aa3947b98cb937830d93a2873fa05daaec0689b8f68e62dc43be7e2df
- SHA512
  
  f668b0a86ea03422afa443b53c081e5a60c6d1f1eeacf8d1498792417cc45dc8efc50f917eeca2e7dda162d48f0010a1c365bbd8bb3b0881f0335a3f9d27b2ce
- SSDEEP
  
  768:/7BlpQpARFbhn54fmiy+3BVr54fmiy+3BV6nkSI:/7ZQpApmi6nkSI
Score

9^/10

discovery ransomware
- Renames multiple (3788) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware