97a392f6aa03c518d3e81c3da4f1b8540d32fddbb8122f82257e20dcd88fc818 | Triage

Sharing

General

Target

b0c85c32c74151c2ca025d4fd81a4240N.exe
Size

42KB
Sample

240820-m72f9axhre
MD5

b0c85c32c74151c2ca025d4fd81a4240
SHA1

65b70a5a7116e1ff90142b17d701c0484f5552ea
SHA256

97a392f6aa03c518d3e81c3da4f1b8540d32fddbb8122f82257e20dcd88fc818
SHA512

9f9f1b2be939b0e482bf922e4a7f6e0d58d599ccfd9e828d4c70cac6ed7571ace4ce89cf4913bf6ced4192196085f1ca44042b8092f0ec196d5f2b0d9c99a5bd
SSDEEP

384:GBt7Br5xjL9AgA71Fbhv7bhvZ11F1NE7/Ez:W7BlpppARFbhjbhT1F1D

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  b0c85c32c74151c2ca025d4fd81a4240N.exe
- Size
  
  42KB
- MD5
  
  b0c85c32c74151c2ca025d4fd81a4240
- SHA1
  
  65b70a5a7116e1ff90142b17d701c0484f5552ea
- SHA256
  
  97a392f6aa03c518d3e81c3da4f1b8540d32fddbb8122f82257e20dcd88fc818
- SHA512
  
  9f9f1b2be939b0e482bf922e4a7f6e0d58d599ccfd9e828d4c70cac6ed7571ace4ce89cf4913bf6ced4192196085f1ca44042b8092f0ec196d5f2b0d9c99a5bd
- SSDEEP
  
  384:GBt7Br5xjL9AgA71Fbhv7bhvZ11F1NE7/Ez:W7BlpppARFbhjbhT1F1D
Score

9^/10

discovery ransomware
- Renames multiple (3188) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware