ec508d93e5071a56d9e740f47e26b332f083eb88912ab55316d1bb525243199c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b1cf65e34cc6b76a20f6b4149da7c000N.exe
Size

41KB
Sample

240820-hw4p1ssfrq
MD5

b1cf65e34cc6b76a20f6b4149da7c000
SHA1

60c8b415ed88849e0b41974c27ce0ed303ad1155
SHA256

ec508d93e5071a56d9e740f47e26b332f083eb88912ab55316d1bb525243199c
SHA512

786cf7ad536624745c848be2d897c8bcf817951ec6924e26712c6f0a44494e32fe531ca2ef451bdcf7519f93a331bf38d52231202ff44e01203290e96743a37f
SSDEEP

384:yBs7Br5xjL8AgA71Fbhv/FzzwzgTAUAUvWAgvWAN:/7BlpQpARFbhNIgTu7us

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  b1cf65e34cc6b76a20f6b4149da7c000N.exe
- Size
  
  41KB
- MD5
  
  b1cf65e34cc6b76a20f6b4149da7c000
- SHA1
  
  60c8b415ed88849e0b41974c27ce0ed303ad1155
- SHA256
  
  ec508d93e5071a56d9e740f47e26b332f083eb88912ab55316d1bb525243199c
- SHA512
  
  786cf7ad536624745c848be2d897c8bcf817951ec6924e26712c6f0a44494e32fe531ca2ef451bdcf7519f93a331bf38d52231202ff44e01203290e96743a37f
- SSDEEP
  
  384:yBs7Br5xjL8AgA71Fbhv/FzzwzgTAUAUvWAgvWAN:/7BlpQpARFbhNIgTu7us
Score

9^/10

discovery ransomware
- Renames multiple (3350) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware