9f97241268b2856fa8c6b8a95fc7dbd570cb49512c5c1f343c7048e4895c0b1b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9f97241268b2856fa8c6b8a95fc7dbd570cb49512c5c1f343c7048e4895c0b1b
Size

235KB
Sample

240818-c5f3es1bnd
MD5

ce81bb4b8769c85c970054099e438688
SHA1

833ad4b3ff4fc9961a78c2a05298f8835e47a188
SHA256

9f97241268b2856fa8c6b8a95fc7dbd570cb49512c5c1f343c7048e4895c0b1b
SHA512

3966f818469f22ab69e0ae524f7d539643aa864e82ecb5ea5c65362089aec8467d154c5a6a3ca3d25f481d8da7bbed4287692e0ab23953a79e2a3994870b0f84
SSDEEP

768:W7BlphA7pARFbhKKVeIuKVeIBt+OKObYhnKhnZS+2w4Vqx0VqxzFtF2TZpE:W7ZhA7pApBt+OKOsZKZZSjw4Vc0VcyE

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  9f97241268b2856fa8c6b8a95fc7dbd570cb49512c5c1f343c7048e4895c0b1b
- Size
  
  235KB
- MD5
  
  ce81bb4b8769c85c970054099e438688
- SHA1
  
  833ad4b3ff4fc9961a78c2a05298f8835e47a188
- SHA256
  
  9f97241268b2856fa8c6b8a95fc7dbd570cb49512c5c1f343c7048e4895c0b1b
- SHA512
  
  3966f818469f22ab69e0ae524f7d539643aa864e82ecb5ea5c65362089aec8467d154c5a6a3ca3d25f481d8da7bbed4287692e0ab23953a79e2a3994870b0f84
- SSDEEP
  
  768:W7BlphA7pARFbhKKVeIuKVeIBt+OKObYhnKhnZS+2w4Vqx0VqxzFtF2TZpE:W7ZhA7pApBt+OKOsZKZZSjw4Vc0VcyE
Score

9^/10

discovery ransomware
- Renames multiple (3097) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware