22e0f8313f1d852d1f4e9afbc2f322b8348e563632f7a075ceb2ac3e42c67436 | Triage

Sharing

General

Target

6c89a6db8a17480ac16105b17428e750N.exe
Size

41KB
Sample

240820-npsl3ayhlg
MD5

6c89a6db8a17480ac16105b17428e750
SHA1

52186d3b7e56702636d2c3a2120bbaed4e7405f1
SHA256

22e0f8313f1d852d1f4e9afbc2f322b8348e563632f7a075ceb2ac3e42c67436
SHA512

87215ff90dc71ac5188782307a67345789180fa3839f24f9a5522c3e348ce56ad29ab642e95aaffcd2eb312bcccab1fbcdeb1697b94220cf5dca20d04f7e9ac9
SSDEEP

384:GBt7Br5xjLvassAgA71FbhvYD/DggNNHpQKMNHpQKMwk:W7Blp2sspARFbhVgNNHpQRNHpQR/

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  6c89a6db8a17480ac16105b17428e750N.exe
- Size
  
  41KB
- MD5
  
  6c89a6db8a17480ac16105b17428e750
- SHA1
  
  52186d3b7e56702636d2c3a2120bbaed4e7405f1
- SHA256
  
  22e0f8313f1d852d1f4e9afbc2f322b8348e563632f7a075ceb2ac3e42c67436
- SHA512
  
  87215ff90dc71ac5188782307a67345789180fa3839f24f9a5522c3e348ce56ad29ab642e95aaffcd2eb312bcccab1fbcdeb1697b94220cf5dca20d04f7e9ac9
- SSDEEP
  
  384:GBt7Br5xjLvassAgA71FbhvYD/DggNNHpQKMNHpQKMwk:W7Blp2sspARFbhVgNNHpQRNHpQR/
Score

9^/10

discovery ransomware
- Renames multiple (3445) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware