822356c7e22e90dfa7bcd5eea329f9b5f93b8c2d07a485ecd1945007751f4e5f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d9b7fe3209b6d4ea1c652d6c113e57e0N.exe
Size

69KB
Sample

240820-nz75hatgmk
MD5

d9b7fe3209b6d4ea1c652d6c113e57e0
SHA1

3f342743c53285a56e09d5ed8956eee1b7b5ef3c
SHA256

822356c7e22e90dfa7bcd5eea329f9b5f93b8c2d07a485ecd1945007751f4e5f
SHA512

a672ebe36487aebef06f2599dbd8b2c58af6f7cb36656d6eba1f1fffb8470e3eb6cb08324e334d8f06674a794355312ecbb7297470b5f0570a509e523c0167cf
SSDEEP

1536:W7ZhA7dABJJZENTNyQYWTW7JJZENTNyQYbG3:6e76BtE8tEr

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  d9b7fe3209b6d4ea1c652d6c113e57e0N.exe
- Size
  
  69KB
- MD5
  
  d9b7fe3209b6d4ea1c652d6c113e57e0
- SHA1
  
  3f342743c53285a56e09d5ed8956eee1b7b5ef3c
- SHA256
  
  822356c7e22e90dfa7bcd5eea329f9b5f93b8c2d07a485ecd1945007751f4e5f
- SHA512
  
  a672ebe36487aebef06f2599dbd8b2c58af6f7cb36656d6eba1f1fffb8470e3eb6cb08324e334d8f06674a794355312ecbb7297470b5f0570a509e523c0167cf
- SSDEEP
  
  1536:W7ZhA7dABJJZENTNyQYWTW7JJZENTNyQYbG3:6e76BtE8tEr
Score

9^/10

discovery ransomware
- Renames multiple (3262) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware