55f3bd6b1bf2bcb8aed6163ab484fafe70efa44a3faf4bce5260d16dff4e3955 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fc453298ae2384b4ff7279be9978b410N.exe
Size

83KB
Sample

240820-ycsfmstdkn
MD5

fc453298ae2384b4ff7279be9978b410
SHA1

764767d8ca6cc80e377c189a7a59760429b0df6b
SHA256

55f3bd6b1bf2bcb8aed6163ab484fafe70efa44a3faf4bce5260d16dff4e3955
SHA512

a88ccb860048495d58cbcbc2e3992672409451a62e5338c81790a2ba8ba2acf6510448ac5915c3fa82b577f6c3294a0441ddb15b2949d082431053b6b4c648bc
SSDEEP

1536:W7ZhA7pApw03vR03v4Y07ZhA7pApw03vR03v4Yb:6e7WpwYRY4Y0e7WpwYRY4Yb

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  fc453298ae2384b4ff7279be9978b410N.exe
- Size
  
  83KB
- MD5
  
  fc453298ae2384b4ff7279be9978b410
- SHA1
  
  764767d8ca6cc80e377c189a7a59760429b0df6b
- SHA256
  
  55f3bd6b1bf2bcb8aed6163ab484fafe70efa44a3faf4bce5260d16dff4e3955
- SHA512
  
  a88ccb860048495d58cbcbc2e3992672409451a62e5338c81790a2ba8ba2acf6510448ac5915c3fa82b577f6c3294a0441ddb15b2949d082431053b6b4c648bc
- SSDEEP
  
  1536:W7ZhA7pApw03vR03v4Y07ZhA7pApw03vR03v4Yb:6e7WpwYRY4Y0e7WpwYRY4Yb
Score

9^/10

discovery ransomware
- Renames multiple (4489) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware