76909fca5d12f52eb1efb5370ff80ddfb00402f8007c4c9b882cb21298f7db8c | Triage

Sharing

General

Target

76909fca5d12f52eb1efb5370ff80ddfb00402f8007c4c9b882cb21298f7db8c
Size

77KB
Sample

240818-2c1nss1elk
MD5

9c076fbf67182430714d9164271e14f2
SHA1

e4b70f62027d30e2690d16b1fc22a683e25f5652
SHA256

76909fca5d12f52eb1efb5370ff80ddfb00402f8007c4c9b882cb21298f7db8c
SHA512

ff61d9d2751a5cb287f5423af7c066a89ab213b74f12751dc645374769e7cb9d415d211120871c548a3a88331d7696b5ea3a9a420bb547680ee4db90c438ae14
SSDEEP

1536:W7ZhA7pApM21LOA1LOg7ZhA7pApM21LOA1LOVfG:6e7WpMgLOiLOge7WpMgLOiLOk

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  76909fca5d12f52eb1efb5370ff80ddfb00402f8007c4c9b882cb21298f7db8c
- Size
  
  77KB
- MD5
  
  9c076fbf67182430714d9164271e14f2
- SHA1
  
  e4b70f62027d30e2690d16b1fc22a683e25f5652
- SHA256
  
  76909fca5d12f52eb1efb5370ff80ddfb00402f8007c4c9b882cb21298f7db8c
- SHA512
  
  ff61d9d2751a5cb287f5423af7c066a89ab213b74f12751dc645374769e7cb9d415d211120871c548a3a88331d7696b5ea3a9a420bb547680ee4db90c438ae14
- SSDEEP
  
  1536:W7ZhA7pApM21LOA1LOg7ZhA7pApM21LOA1LOVfG:6e7WpMgLOiLOge7WpMgLOiLOk
Score

9^/10

discovery ransomware
- Renames multiple (1377) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware