f3b178e4a0fce5792cde4be9ed929c8924288d6573f9bf9fda940ab06b7ac939 | Triage

Sharing

General

Target

c6dada454d0f31cdac13eb2c59c95ab0N.exe
Size

5.7MB
Sample

240818-q2tq1ayfqj
MD5

c6dada454d0f31cdac13eb2c59c95ab0
SHA1

4adb8b8d3ec5e6a575735d253ac65d009155d629
SHA256

f3b178e4a0fce5792cde4be9ed929c8924288d6573f9bf9fda940ab06b7ac939
SHA512

9ae7cbb3ebe47ce0f98702b118f055c09ef2c09846b0a776b8e897521b0b50a6e076fba19c05b0050006a98c69d8a9e1907616edf5e1a275c36bd012a3caa7f0
SSDEEP

98304:AimwaCELMjOLIalJ67sj4jmpRMTcToaxLQsp1RXp9nGA:WwaCYLIal06MTo9RPGA

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  c6dada454d0f31cdac13eb2c59c95ab0N.exe
- Size
  
  5.7MB
- MD5
  
  c6dada454d0f31cdac13eb2c59c95ab0
- SHA1
  
  4adb8b8d3ec5e6a575735d253ac65d009155d629
- SHA256
  
  f3b178e4a0fce5792cde4be9ed929c8924288d6573f9bf9fda940ab06b7ac939
- SHA512
  
  9ae7cbb3ebe47ce0f98702b118f055c09ef2c09846b0a776b8e897521b0b50a6e076fba19c05b0050006a98c69d8a9e1907616edf5e1a275c36bd012a3caa7f0
- SSDEEP
  
  98304:AimwaCELMjOLIalJ67sj4jmpRMTcToaxLQsp1RXp9nGA:WwaCYLIal06MTo9RPGA
Score

9^/10

discovery ransomware
- Renames multiple (198) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware