2d4fa8e52a9a5efc2e0b31683d63b9e09893815df42638484d8a24a0e21185ab | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d2a5b95b0b8ab266aa8576e10d3c2890N.exe
Size

112KB
Sample

240818-f3nahaxgnb
MD5

d2a5b95b0b8ab266aa8576e10d3c2890
SHA1

4cae3d16b99ff077240f452766638c7f8fd25d93
SHA256

2d4fa8e52a9a5efc2e0b31683d63b9e09893815df42638484d8a24a0e21185ab
SHA512

5771f0dfdf0808f6d3c890cbfdf660576288d5281cc994cf73c69e55a6b7c34f7e82cf52e8195dd02a40afcf77d6194e322e49f28d6dce7effcc231685044777
SSDEEP

3072:6pWpUFpEhLfyBtPf50FWkFpPDze/qFsxEhLfyBtPf50FWkFpPDze/qFslEhLfyB3:PqFF2Ie+effyx

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  d2a5b95b0b8ab266aa8576e10d3c2890N.exe
- Size
  
  112KB
- MD5
  
  d2a5b95b0b8ab266aa8576e10d3c2890
- SHA1
  
  4cae3d16b99ff077240f452766638c7f8fd25d93
- SHA256
  
  2d4fa8e52a9a5efc2e0b31683d63b9e09893815df42638484d8a24a0e21185ab
- SHA512
  
  5771f0dfdf0808f6d3c890cbfdf660576288d5281cc994cf73c69e55a6b7c34f7e82cf52e8195dd02a40afcf77d6194e322e49f28d6dce7effcc231685044777
- SSDEEP
  
  3072:6pWpUFpEhLfyBtPf50FWkFpPDze/qFsxEhLfyBtPf50FWkFpPDze/qFslEhLfyB3:PqFF2Ie+effyx
Score

9^/10

discovery ransomware
- Renames multiple (2916) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware