6deee864933a513c4674808b362cf98edc160b5b61d848f67146617094a7673e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

21c5f7365dcbf55125d90d749a07e0e0N.exe
Size

44KB
Sample

240818-qc385sxdpm
MD5

21c5f7365dcbf55125d90d749a07e0e0
SHA1

7e2abd9488bc2b79f58df91a3b0453460c7126f0
SHA256

6deee864933a513c4674808b362cf98edc160b5b61d848f67146617094a7673e
SHA512

f6fbed3973ab9ff688bbe88a7ecf407811edf3764de9489da5fac4601c4c1624a3c5eacf9a24346ea2c7e09b01c3ebea22787ad779e474dc6efc9ce53af33890
SSDEEP

768:W7BlphA7pARFbhM0Kkq81LOyq81LORWAnWAkpUE5c5YbfCDTbfCDMj:W7ZhA7pApM21LOA1LOrtkpt6WbfGTbfT

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  21c5f7365dcbf55125d90d749a07e0e0N.exe
- Size
  
  44KB
- MD5
  
  21c5f7365dcbf55125d90d749a07e0e0
- SHA1
  
  7e2abd9488bc2b79f58df91a3b0453460c7126f0
- SHA256
  
  6deee864933a513c4674808b362cf98edc160b5b61d848f67146617094a7673e
- SHA512
  
  f6fbed3973ab9ff688bbe88a7ecf407811edf3764de9489da5fac4601c4c1624a3c5eacf9a24346ea2c7e09b01c3ebea22787ad779e474dc6efc9ce53af33890
- SSDEEP
  
  768:W7BlphA7pARFbhM0Kkq81LOyq81LORWAnWAkpUE5c5YbfCDTbfCDMj:W7ZhA7pApM21LOA1LOrtkpt6WbfGTbfT
Score

9^/10

discovery ransomware
- Renames multiple (3272) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware