86f205398af0e8a9a586ba1ebcd9e0394a280b7c7a7f57ec377ec1152476440b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

864bf72db3740baf1cf381485d528660N.exe
Size

73KB
Sample

240820-n4d28athqq
MD5

864bf72db3740baf1cf381485d528660
SHA1

970e0732afd698d8ebcafa159107702205bfbd46
SHA256

86f205398af0e8a9a586ba1ebcd9e0394a280b7c7a7f57ec377ec1152476440b
SHA512

72c04082ddece7d5627c33f3a0a43248d71363075000ab8609d1ba3fbdcf68b3e802bf4f52f64733c3e9a167447129ba256d1141cebcbeed7e016f8b9bd2fbf8
SSDEEP

1536:W7ZNLpApCZrt8PWGoPWGANdN+hEwHwDvZvk:6NLWpCZIzjwHwS

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  864bf72db3740baf1cf381485d528660N.exe
- Size
  
  73KB
- MD5
  
  864bf72db3740baf1cf381485d528660
- SHA1
  
  970e0732afd698d8ebcafa159107702205bfbd46
- SHA256
  
  86f205398af0e8a9a586ba1ebcd9e0394a280b7c7a7f57ec377ec1152476440b
- SHA512
  
  72c04082ddece7d5627c33f3a0a43248d71363075000ab8609d1ba3fbdcf68b3e802bf4f52f64733c3e9a167447129ba256d1141cebcbeed7e016f8b9bd2fbf8
- SSDEEP
  
  1536:W7ZNLpApCZrt8PWGoPWGANdN+hEwHwDvZvk:6NLWpCZIzjwHwS
Score

9^/10

discovery ransomware
- Renames multiple (3147) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware