e2521dd3d481407356437affeb8d1e64c08ed2ad9b9c9f319e7d7ff04dfc685f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cfef89c7658d81d72ad58a4a1cc71830N.exe
Size

76KB
Sample

240817-p7zzjawgpf
MD5

cfef89c7658d81d72ad58a4a1cc71830
SHA1

f2a88b6acb54fcf8d73f21a4d31fd5c3be9ce494
SHA256

e2521dd3d481407356437affeb8d1e64c08ed2ad9b9c9f319e7d7ff04dfc685f
SHA512

a7fb978e7058266923acce33d183a0a66bfc7f60aad77ca3c731f99b6a8bfdd3ebab08534619438600bfd6163f424519ca0eb325cb80f08b639be9f14f7d79c8
SSDEEP

384:yBs7Br5xjL8AgA71Fbhvhwfziz63rmreaL1bNawZWxoQD91F4AsiG99CjH0Hl/9b:/7BlpQpARFbhWGUKBb4JxobNlAGARti

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  cfef89c7658d81d72ad58a4a1cc71830N.exe
- Size
  
  76KB
- MD5
  
  cfef89c7658d81d72ad58a4a1cc71830
- SHA1
  
  f2a88b6acb54fcf8d73f21a4d31fd5c3be9ce494
- SHA256
  
  e2521dd3d481407356437affeb8d1e64c08ed2ad9b9c9f319e7d7ff04dfc685f
- SHA512
  
  a7fb978e7058266923acce33d183a0a66bfc7f60aad77ca3c731f99b6a8bfdd3ebab08534619438600bfd6163f424519ca0eb325cb80f08b639be9f14f7d79c8
- SSDEEP
  
  384:yBs7Br5xjL8AgA71Fbhvhwfziz63rmreaL1bNawZWxoQD91F4AsiG99CjH0Hl/9b:/7BlpQpARFbhWGUKBb4JxobNlAGARti
Score

9^/10

discovery ransomware
- Renames multiple (3103) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware