f1f73ffe90ae72eb37f7cfc5df215b3188047db20ee1300d40af8dfccc5faf26 | Triage

Sharing

General

Target

35e44dd89b449ee6bec0dabfff9af300N.exe
Size

42KB
Sample

240818-krc3lswakd
MD5

35e44dd89b449ee6bec0dabfff9af300
SHA1

15fe31a16522672e19f300b8b94000894633e307
SHA256

f1f73ffe90ae72eb37f7cfc5df215b3188047db20ee1300d40af8dfccc5faf26
SHA512

4cb1004b87f33b3cf27f965cec66328b6314cfa22474e68a8638104b0c01779e471ea8fbbf2676a01053f9d1df159c65f81d907d962a25765255cc74efa8ab55
SSDEEP

384:yBs7Br5xjL8AgA71Fbhv/FzzwzfgQemyq8gCgQemyq8g5:/7BlpQpARFbhNIRynyA

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  35e44dd89b449ee6bec0dabfff9af300N.exe
- Size
  
  42KB
- MD5
  
  35e44dd89b449ee6bec0dabfff9af300
- SHA1
  
  15fe31a16522672e19f300b8b94000894633e307
- SHA256
  
  f1f73ffe90ae72eb37f7cfc5df215b3188047db20ee1300d40af8dfccc5faf26
- SHA512
  
  4cb1004b87f33b3cf27f965cec66328b6314cfa22474e68a8638104b0c01779e471ea8fbbf2676a01053f9d1df159c65f81d907d962a25765255cc74efa8ab55
- SSDEEP
  
  384:yBs7Br5xjL8AgA71Fbhv/FzzwzfgQemyq8gCgQemyq8g5:/7BlpQpARFbhNIRynyA
Score

9^/10

discovery ransomware
- Renames multiple (3448) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware