a0d59f4029184571c794be645cb96dfc940c3a1cddc4bd83f6e9ca7feb1450fc | Triage

Sharing

General

Target

13864096e495143282a2f9d44e708d00N.exe
Size

108KB
Sample

240819-ell6fawhmq
MD5

13864096e495143282a2f9d44e708d00
SHA1

b61f0710c90fa810b9ff60e1b8462e6be2641303
SHA256

a0d59f4029184571c794be645cb96dfc940c3a1cddc4bd83f6e9ca7feb1450fc
SHA512

14397143ba6de5dc8c58fe1a23220433c964ddd69dd371b0c9d385e707939275814c175d1ffb302784ca2659eb2e0a721795c1bad9248f72cc29627dcd80dc7c
SSDEEP

3072:6pWpUFpEhLfyBtPf50FWkFpPDze/qFsxEhLfyBtPf50FWkFpPDze/qFslEhLfyBT:PqFF2Ie+efsim2k

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  13864096e495143282a2f9d44e708d00N.exe
- Size
  
  108KB
- MD5
  
  13864096e495143282a2f9d44e708d00
- SHA1
  
  b61f0710c90fa810b9ff60e1b8462e6be2641303
- SHA256
  
  a0d59f4029184571c794be645cb96dfc940c3a1cddc4bd83f6e9ca7feb1450fc
- SHA512
  
  14397143ba6de5dc8c58fe1a23220433c964ddd69dd371b0c9d385e707939275814c175d1ffb302784ca2659eb2e0a721795c1bad9248f72cc29627dcd80dc7c
- SSDEEP
  
  3072:6pWpUFpEhLfyBtPf50FWkFpPDze/qFsxEhLfyBtPf50FWkFpPDze/qFslEhLfyBT:PqFF2Ie+efsim2k
Score

9^/10

discovery ransomware
- Renames multiple (2952) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware