9d8344e2fc57f0ffedbb5543e436d818a6f8a5876cf626a986845a2e84020775 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cb71572878d1f1f3acb63e25fd306030N.exe
Size

68KB
Sample

240820-hqf2rsycra
MD5

cb71572878d1f1f3acb63e25fd306030
SHA1

1438d2358ec32b3a7526a1a9541ac96bdb9ba826
SHA256

9d8344e2fc57f0ffedbb5543e436d818a6f8a5876cf626a986845a2e84020775
SHA512

9b8a02e6b8dde7969bad0edc487467a60415d82f0e5028a0a519707578b0e7a9179222dc09b02d5fd0c8a88d92b22f1f6d7334dd1419784f351338519e37ebdc
SSDEEP

768:W7BlpDpARFbhYQkQzaxkd+axkdo176/hvYaJaMGw4PCs2B24PCs2BHE4JAIAepEM:W7ZDpApYbVK4vx4PN54PN4OHepOHeZSU

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  cb71572878d1f1f3acb63e25fd306030N.exe
- Size
  
  68KB
- MD5
  
  cb71572878d1f1f3acb63e25fd306030
- SHA1
  
  1438d2358ec32b3a7526a1a9541ac96bdb9ba826
- SHA256
  
  9d8344e2fc57f0ffedbb5543e436d818a6f8a5876cf626a986845a2e84020775
- SHA512
  
  9b8a02e6b8dde7969bad0edc487467a60415d82f0e5028a0a519707578b0e7a9179222dc09b02d5fd0c8a88d92b22f1f6d7334dd1419784f351338519e37ebdc
- SSDEEP
  
  768:W7BlpDpARFbhYQkQzaxkd+axkdo176/hvYaJaMGw4PCs2B24PCs2BHE4JAIAepEM:W7ZDpApYbVK4vx4PN54PN4OHepOHeZSU
Score

9^/10

discovery ransomware
- Renames multiple (3266) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware