4e8280bf3752cebc1437c1bc43995953fe9f29806fa6256580bcdd48de6144f0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bb58476630e8a0ef06d8b7a6fc7fb5e0N.exe
Size

37KB
Sample

240820-ngfbrssfrp
MD5

bb58476630e8a0ef06d8b7a6fc7fb5e0
SHA1

9b9522ca2587876b9fc5687d733654d6738feba3
SHA256

4e8280bf3752cebc1437c1bc43995953fe9f29806fa6256580bcdd48de6144f0
SHA512

839e43fe973a1fd51382cdf7efa0e49eb0fe325618762bc6f92191a5a7bd051bec1932dc21c17810a363e82b61a2889cbdb0981ffae1a587e4548069620dbd68
SSDEEP

384:GBt7Br5xjLvassAgA71FbhvgqHqMjL4jLS/3MMf/3MMqlTGxlTGrwB7:W7Blp2sspARFbh5YSfffqGLG0

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  bb58476630e8a0ef06d8b7a6fc7fb5e0N.exe
- Size
  
  37KB
- MD5
  
  bb58476630e8a0ef06d8b7a6fc7fb5e0
- SHA1
  
  9b9522ca2587876b9fc5687d733654d6738feba3
- SHA256
  
  4e8280bf3752cebc1437c1bc43995953fe9f29806fa6256580bcdd48de6144f0
- SHA512
  
  839e43fe973a1fd51382cdf7efa0e49eb0fe325618762bc6f92191a5a7bd051bec1932dc21c17810a363e82b61a2889cbdb0981ffae1a587e4548069620dbd68
- SSDEEP
  
  384:GBt7Br5xjLvassAgA71FbhvgqHqMjL4jLS/3MMf/3MMqlTGxlTGrwB7:W7Blp2sspARFbh5YSfffqGLG0
Score

9^/10

discovery ransomware
- Renames multiple (3453) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware