4858cc5025b20959b1ecd8277433dc171cdcd19ca3dbe5cc9e90606cd3e614f9 | Triage

Sharing

General

Target

f5c2540f4ed94aec0aa1a9f561e52e30N.exe
Size

49KB
Sample

240817-1kgefsycpf
MD5

f5c2540f4ed94aec0aa1a9f561e52e30
SHA1

86439d8ebdf1756928f88f953630d3f9259f444b
SHA256

4858cc5025b20959b1ecd8277433dc171cdcd19ca3dbe5cc9e90606cd3e614f9
SHA512

ae763835ca5c5943fa953485636e9a2c7668147a7aaa1f4c05d17bcfb020498386a439b73c3e3629f70cf5c7b12edda11cd81c2c7ac233ffabef0c1245806fee
SSDEEP

384:GBt7Br5xjL9A7AgA71Fbhvnqj7jU7ubTAgpbuvx10AaIdKB7ubTAgpbuvx10AaIw:W7BlphA7pARFbhL801VvM801Vvv7cYy

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  f5c2540f4ed94aec0aa1a9f561e52e30N.exe
- Size
  
  49KB
- MD5
  
  f5c2540f4ed94aec0aa1a9f561e52e30
- SHA1
  
  86439d8ebdf1756928f88f953630d3f9259f444b
- SHA256
  
  4858cc5025b20959b1ecd8277433dc171cdcd19ca3dbe5cc9e90606cd3e614f9
- SHA512
  
  ae763835ca5c5943fa953485636e9a2c7668147a7aaa1f4c05d17bcfb020498386a439b73c3e3629f70cf5c7b12edda11cd81c2c7ac233ffabef0c1245806fee
- SSDEEP
  
  384:GBt7Br5xjL9A7AgA71Fbhvnqj7jU7ubTAgpbuvx10AaIdKB7ubTAgpbuvx10AaIw:W7BlphA7pARFbhL801VvM801Vvv7cYy
Score

9^/10

discovery ransomware
- Renames multiple (3229) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware