644fa7b2e1530d24ef6a4b4a7d6d9dbb22aadae6f4fc0ac18104d5e18b568842 | Triage

Sharing

General

Target

fef539125e1a28a737167f455e244f30N.exe
Size

100KB
Sample

240816-1cpe4aybjc
MD5

fef539125e1a28a737167f455e244f30
SHA1

0117f3101b5dc6fd4ad378be94e32b556510adbe
SHA256

644fa7b2e1530d24ef6a4b4a7d6d9dbb22aadae6f4fc0ac18104d5e18b568842
SHA512

54b226c7e941b4c685f83f3d472981738ae3f1e91028eac7fd5b0facf10642a0e0bd197213a71ac3d76029338aa83fc4cc416d5f1e319bed4476dffbc37824ed
SSDEEP

3072:69WpQEoTdc6e6kvNDck7Tdc6e6kvNDcksh/UxYnMR:nSTdc6e6kvNDck7Tdc6e6kvNDckyUxY8

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  fef539125e1a28a737167f455e244f30N.exe
- Size
  
  100KB
- MD5
  
  fef539125e1a28a737167f455e244f30
- SHA1
  
  0117f3101b5dc6fd4ad378be94e32b556510adbe
- SHA256
  
  644fa7b2e1530d24ef6a4b4a7d6d9dbb22aadae6f4fc0ac18104d5e18b568842
- SHA512
  
  54b226c7e941b4c685f83f3d472981738ae3f1e91028eac7fd5b0facf10642a0e0bd197213a71ac3d76029338aa83fc4cc416d5f1e319bed4476dffbc37824ed
- SSDEEP
  
  3072:69WpQEoTdc6e6kvNDck7Tdc6e6kvNDcksh/UxYnMR:nSTdc6e6kvNDck7Tdc6e6kvNDckyUxY8
Score

9^/10

discovery ransomware
- Renames multiple (2899) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware