94ecfe35b85b9c4efb78965264e731496b4d04fc0b3ab595e945cda65cf8320a | Triage

Sharing

General

Target

94ecfe35b85b9c4efb78965264e731496b4d04fc0b3ab595e945cda65cf8320a
Size

95KB
Sample

240818-3l7zxa1eka
MD5

ce8456b37bcaee3cb7631a632ea080e3
SHA1

78ccf7bb4769843f6cce4789b84b56d33f132a1b
SHA256

94ecfe35b85b9c4efb78965264e731496b4d04fc0b3ab595e945cda65cf8320a
SHA512

19f2e7e01c7074bc382b4c58afdaf8d11a52fbce71d36ca24ec7891782807cbf17a997361c79d72d4462bcfa80e48b17617f54d55b722c3b572226bf566d5f17
SSDEEP

1536:/7ZQpAplJwsJwwnEp97ZQpAplJwsJwwnEpT:9QWpjngQWpjnU

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  94ecfe35b85b9c4efb78965264e731496b4d04fc0b3ab595e945cda65cf8320a
- Size
  
  95KB
- MD5
  
  ce8456b37bcaee3cb7631a632ea080e3
- SHA1
  
  78ccf7bb4769843f6cce4789b84b56d33f132a1b
- SHA256
  
  94ecfe35b85b9c4efb78965264e731496b4d04fc0b3ab595e945cda65cf8320a
- SHA512
  
  19f2e7e01c7074bc382b4c58afdaf8d11a52fbce71d36ca24ec7891782807cbf17a997361c79d72d4462bcfa80e48b17617f54d55b722c3b572226bf566d5f17
- SSDEEP
  
  1536:/7ZQpAplJwsJwwnEp97ZQpAplJwsJwwnEpT:9QWpjngQWpjnU
Score

9^/10

discovery ransomware
- Renames multiple (4655) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware