e0b22b823690865d068958833a99eed0651e3eb7c648ee52ee4a8ab3c8746abc | Triage

Sharing

General

Target

e0b22b823690865d068958833a99eed0651e3eb7c648ee52ee4a8ab3c8746abc
Size

71KB
Sample

240818-gfd9ra1fmq
MD5

7a7106de73baba354b8e34a31140a931
SHA1

e9d0b3304da707fe3c4b36ee814d55715cb19982
SHA256

e0b22b823690865d068958833a99eed0651e3eb7c648ee52ee4a8ab3c8746abc
SHA512

4d539b32eedf1b1fe55939374e200c0ab1cc405e20fa24660f95bade6b455f438380cc8632f2ef11f0b8096da87589517e64d380d20ea20736450d670a349433
SSDEEP

768:W7BlpppARFbhjbhPKueKudLw1P7BlpppARFbhjbhPKueKudLw12V9YV9j:W7ZppApB7V7ZppApB7U4j

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  e0b22b823690865d068958833a99eed0651e3eb7c648ee52ee4a8ab3c8746abc
- Size
  
  71KB
- MD5
  
  7a7106de73baba354b8e34a31140a931
- SHA1
  
  e9d0b3304da707fe3c4b36ee814d55715cb19982
- SHA256
  
  e0b22b823690865d068958833a99eed0651e3eb7c648ee52ee4a8ab3c8746abc
- SHA512
  
  4d539b32eedf1b1fe55939374e200c0ab1cc405e20fa24660f95bade6b455f438380cc8632f2ef11f0b8096da87589517e64d380d20ea20736450d670a349433
- SSDEEP
  
  768:W7BlpppARFbhjbhPKueKudLw1P7BlpppARFbhjbhPKueKudLw12V9YV9j:W7ZppApB7V7ZppApB7U4j
Score

9^/10

discovery ransomware
- Renames multiple (4471) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware