5ee24181f7b538f3929ad9092a372ef40a4596687694eccc8abe286eaf8d64fc | Triage

Sharing

General

Target

83f573d38a0ff0116b3d812bf96e59f0N.exe
Size

142KB
Sample

240819-wvj6wayekc
MD5

83f573d38a0ff0116b3d812bf96e59f0
SHA1

90060ef3e2e6366f60206c2606aa2558c89d36db
SHA256

5ee24181f7b538f3929ad9092a372ef40a4596687694eccc8abe286eaf8d64fc
SHA512

48a78c00fd6057000cf82a11d93b0a0a835e1b0b9e2f390175eed5d7cb64dc9294f8ad9b444eb028d48431ae0f5231863c8281d5413d5c1c6ff5954a3fecfe26
SSDEEP

1536:W7ZDpApYbVK4vx4PN54PN4OHepOHeZSP7ZDpApYbVK4vx4PN54PN4OHepOHeZS8u:6DWp7WVDWp7Wf

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  83f573d38a0ff0116b3d812bf96e59f0N.exe
- Size
  
  142KB
- MD5
  
  83f573d38a0ff0116b3d812bf96e59f0
- SHA1
  
  90060ef3e2e6366f60206c2606aa2558c89d36db
- SHA256
  
  5ee24181f7b538f3929ad9092a372ef40a4596687694eccc8abe286eaf8d64fc
- SHA512
  
  48a78c00fd6057000cf82a11d93b0a0a835e1b0b9e2f390175eed5d7cb64dc9294f8ad9b444eb028d48431ae0f5231863c8281d5413d5c1c6ff5954a3fecfe26
- SSDEEP
  
  1536:W7ZDpApYbVK4vx4PN54PN4OHepOHeZSP7ZDpApYbVK4vx4PN54PN4OHepOHeZS8u:6DWp7WVDWp7Wf
Score

9^/10

discovery ransomware
- Renames multiple (4114) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware