26970ba71de2c30c7b7c1a8f4d9597c14156d9adc929346e064845dddc14eced | Triage

Sharing

Copy URL Twitter E-mail

General

Target

28da3dbc4376e73434d3547eebd69750N.exe
Size

127KB
Sample

240821-kkbk7sygla
MD5

28da3dbc4376e73434d3547eebd69750
SHA1

7a85a69c980329ee5b59788665800d5ada2e3ec2
SHA256

26970ba71de2c30c7b7c1a8f4d9597c14156d9adc929346e064845dddc14eced
SHA512

72b49b28d835a342c7972f1b625ada1356e5e7fb0682d96893cc4fae5a0d25e32a3e10ddb82d488f034739e67e29011cfa884f3ea5e92e516229fab4f6b922b8
SSDEEP

1536:W7ZhA7dABJJZENTNyl2Sm0mKE593PrGsi10tmrm6q1pWjGSjOMpS:6e76BtE42EPXjZpS

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  28da3dbc4376e73434d3547eebd69750N.exe
- Size
  
  127KB
- MD5
  
  28da3dbc4376e73434d3547eebd69750
- SHA1
  
  7a85a69c980329ee5b59788665800d5ada2e3ec2
- SHA256
  
  26970ba71de2c30c7b7c1a8f4d9597c14156d9adc929346e064845dddc14eced
- SHA512
  
  72b49b28d835a342c7972f1b625ada1356e5e7fb0682d96893cc4fae5a0d25e32a3e10ddb82d488f034739e67e29011cfa884f3ea5e92e516229fab4f6b922b8
- SSDEEP
  
  1536:W7ZhA7dABJJZENTNyl2Sm0mKE593PrGsi10tmrm6q1pWjGSjOMpS:6e76BtE42EPXjZpS
Score

9^/10

discovery ransomware
- Renames multiple (2818) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware