e1e9e7c4008e42d3cfc05420819f96f978f40735dcfcb4a2b0dcbaf6dccbd97c | Triage

Sharing

General

Target

85bb093d5caa0551a96a2ab593bae960N.exe
Size

201KB
Sample

240818-hbhbaatbml
MD5

85bb093d5caa0551a96a2ab593bae960
SHA1

9b2ede624d82eb71e7f0c6420f560a0353955453
SHA256

e1e9e7c4008e42d3cfc05420819f96f978f40735dcfcb4a2b0dcbaf6dccbd97c
SHA512

e958c3afefaffe7b6be4c04da44b799e398ffa228f3c45ea86a63ecdf095b76953c0535a6cd0cecaa76a4814f0ca3060b40c0b7ca31ca6778cb08899f1cfdb0d
SSDEEP

3072:6e7WpMNca3rytOkWpXfnYRl2l/9HSFHzJ0lBJTzkT:RqKB+tOkWKR0iJ0lTzkT

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  85bb093d5caa0551a96a2ab593bae960N.exe
- Size
  
  201KB
- MD5
  
  85bb093d5caa0551a96a2ab593bae960
- SHA1
  
  9b2ede624d82eb71e7f0c6420f560a0353955453
- SHA256
  
  e1e9e7c4008e42d3cfc05420819f96f978f40735dcfcb4a2b0dcbaf6dccbd97c
- SHA512
  
  e958c3afefaffe7b6be4c04da44b799e398ffa228f3c45ea86a63ecdf095b76953c0535a6cd0cecaa76a4814f0ca3060b40c0b7ca31ca6778cb08899f1cfdb0d
- SSDEEP
  
  3072:6e7WpMNca3rytOkWpXfnYRl2l/9HSFHzJ0lBJTzkT:RqKB+tOkWKR0iJ0lTzkT
Score

9^/10

discovery ransomware
- Renames multiple (2687) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware