b9fbbc9619697dbbe86d020585209e1d848d9439523ae48bae91655c1d9e3396 | Triage

Sharing

General

Target

dfb2a37bd75bda8f84352365e6806c90N.exe
Size

201KB
Sample

240821-b2dx8axepl
MD5

dfb2a37bd75bda8f84352365e6806c90
SHA1

fe60a934c05556f9b6549666b0f2aedd0c091ce9
SHA256

b9fbbc9619697dbbe86d020585209e1d848d9439523ae48bae91655c1d9e3396
SHA512

f59049fa3910dc2df4b0224019bb30573b9bd944250cea02fd835cc4a95ba8d400a433fd14e9314da2cddb29ee387e9bc272189c6c36bf62ef17f7886131ffa5
SSDEEP

3072:6e7WpMNca3rytOkWpXfnYRl2l/9HSFHzJ0lBJTzki:RqKB+tOkWKR0iJ0lTzki

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  dfb2a37bd75bda8f84352365e6806c90N.exe
- Size
  
  201KB
- MD5
  
  dfb2a37bd75bda8f84352365e6806c90
- SHA1
  
  fe60a934c05556f9b6549666b0f2aedd0c091ce9
- SHA256
  
  b9fbbc9619697dbbe86d020585209e1d848d9439523ae48bae91655c1d9e3396
- SHA512
  
  f59049fa3910dc2df4b0224019bb30573b9bd944250cea02fd835cc4a95ba8d400a433fd14e9314da2cddb29ee387e9bc272189c6c36bf62ef17f7886131ffa5
- SSDEEP
  
  3072:6e7WpMNca3rytOkWpXfnYRl2l/9HSFHzJ0lBJTzki:RqKB+tOkWKR0iJ0lTzki
Score

9^/10

discovery ransomware
- Renames multiple (2643) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware