b3f99c487e4d0072d22f38c93047d0eef11c9ed603484ef40ed32455931aaae0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f1cfcec22a2c7b486f3731a913952300N.exe
Size

37KB
Sample

240817-t797qaydkq
MD5

f1cfcec22a2c7b486f3731a913952300
SHA1

e87148c6df69854b76706574cda5d67caf2d8b19
SHA256

b3f99c487e4d0072d22f38c93047d0eef11c9ed603484ef40ed32455931aaae0
SHA512

c4987a7f25c978991e69e8bc87f47fa44151180e50e7b2fa4a136442bc49876a67dc80d558e61a340c67c79d8e34cbce2b0c4b9a1ccfa9c5919b9f4ebfd98c25
SSDEEP

192:pACU3DIY0Br5xjL/EAgAQmP1oynLb22vB7m/FJHo7m/FJHhpq5FxPFxSbshdsht:yBs7Br5xjL8AgA71FbhvsIz0s3sf

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  f1cfcec22a2c7b486f3731a913952300N.exe
- Size
  
  37KB
- MD5
  
  f1cfcec22a2c7b486f3731a913952300
- SHA1
  
  e87148c6df69854b76706574cda5d67caf2d8b19
- SHA256
  
  b3f99c487e4d0072d22f38c93047d0eef11c9ed603484ef40ed32455931aaae0
- SHA512
  
  c4987a7f25c978991e69e8bc87f47fa44151180e50e7b2fa4a136442bc49876a67dc80d558e61a340c67c79d8e34cbce2b0c4b9a1ccfa9c5919b9f4ebfd98c25
- SSDEEP
  
  192:pACU3DIY0Br5xjL/EAgAQmP1oynLb22vB7m/FJHo7m/FJHhpq5FxPFxSbshdsht:yBs7Br5xjL8AgA71FbhvsIz0s3sf
Score

9^/10

discovery ransomware
- Renames multiple (3444) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware