593af8d985bc72320cf5fcef5c1007c25c42537073eef79b90bb41f4c9726e73 | Triage

Sharing

General

Target

f61b54897e6dc2bd016be69e1fc24510N.exe
Size

51KB
Sample

240818-qh82ksvela
MD5

f61b54897e6dc2bd016be69e1fc24510
SHA1

791067261714d0d576f1a078812a57826d6dd182
SHA256

593af8d985bc72320cf5fcef5c1007c25c42537073eef79b90bb41f4c9726e73
SHA512

28b3475ce78834751266cd36b2c8ccbb8b6b0e8eff464baa7adcc4e937d781d2294812dfa8c039b92ebb08d31f967b0afe2cb0ba087eb70ca34018c7c23985c5
SSDEEP

768:/7BlpQpARFbhn54fmiy+3BVr54fmiy+3BV6njYw05jYw05Kq:/7ZQpApmi6n8wBws

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  f61b54897e6dc2bd016be69e1fc24510N.exe
- Size
  
  51KB
- MD5
  
  f61b54897e6dc2bd016be69e1fc24510
- SHA1
  
  791067261714d0d576f1a078812a57826d6dd182
- SHA256
  
  593af8d985bc72320cf5fcef5c1007c25c42537073eef79b90bb41f4c9726e73
- SHA512
  
  28b3475ce78834751266cd36b2c8ccbb8b6b0e8eff464baa7adcc4e937d781d2294812dfa8c039b92ebb08d31f967b0afe2cb0ba087eb70ca34018c7c23985c5
- SSDEEP
  
  768:/7BlpQpARFbhn54fmiy+3BVr54fmiy+3BV6njYw05jYw05Kq:/7ZQpApmi6n8wBws
Score

9^/10

discovery ransomware
- Renames multiple (3201) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware