197a037c11e10e6765c6283dd9f63ef112f98fd10b9a12c942571ad2257a96d0 | Triage

Sharing

General

Target

6da995f32bf6bc11856d971c5b252030N.exe
Size

80KB
Sample

240818-by19cayajg
MD5

6da995f32bf6bc11856d971c5b252030
SHA1

5955f7f180dc630dec3dd1003697ae48d33bdda2
SHA256

197a037c11e10e6765c6283dd9f63ef112f98fd10b9a12c942571ad2257a96d0
SHA512

90c5ab5ae6b3acd7b2754228965688667802dd8b784ed011175a37838ca3b6d57838c3ac380c53be6e3cc1023aeaabff02f2971d20397208580188fb07f45bce
SSDEEP

1536:/7ZQpApze+eJfFpsJOfFpsJ5DVSWu0SWu2:9QWpze+eJfFpsJOfFpsJ5DVSWu0SWu2

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  6da995f32bf6bc11856d971c5b252030N.exe
- Size
  
  80KB
- MD5
  
  6da995f32bf6bc11856d971c5b252030
- SHA1
  
  5955f7f180dc630dec3dd1003697ae48d33bdda2
- SHA256
  
  197a037c11e10e6765c6283dd9f63ef112f98fd10b9a12c942571ad2257a96d0
- SHA512
  
  90c5ab5ae6b3acd7b2754228965688667802dd8b784ed011175a37838ca3b6d57838c3ac380c53be6e3cc1023aeaabff02f2971d20397208580188fb07f45bce
- SSDEEP
  
  1536:/7ZQpApze+eJfFpsJOfFpsJ5DVSWu0SWu2:9QWpze+eJfFpsJOfFpsJ5DVSWu0SWu2
Score

9^/10

discovery ransomware
- Renames multiple (3064) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware