2a19b7e163d5d46969b154cfec639a6227a1be3ccdb4ecf7805a28c5582eb376 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

449ae696067f7e13f959e652a53eb770N.exe
Size

34KB
Sample

240821-rglekasfjf
MD5

449ae696067f7e13f959e652a53eb770
SHA1

5bc037d5fc6644cd17531b9a36bc32c7942c612c
SHA256

2a19b7e163d5d46969b154cfec639a6227a1be3ccdb4ecf7805a28c5582eb376
SHA512

a847812c6a415989af11153f586de6bbfe925c5d9373ba9e5abadd45c1df32425c1284e1ecc1d8ddaa7585063311e1118cc91e79b469845aa9f1be44c36afa87
SSDEEP

384:GBt7Br5xjL9AgA71Fbhv7bhv3KueKudLl++KF:W7BlpppARFbhjbhPKueKudLw1F

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  449ae696067f7e13f959e652a53eb770N.exe
- Size
  
  34KB
- MD5
  
  449ae696067f7e13f959e652a53eb770
- SHA1
  
  5bc037d5fc6644cd17531b9a36bc32c7942c612c
- SHA256
  
  2a19b7e163d5d46969b154cfec639a6227a1be3ccdb4ecf7805a28c5582eb376
- SHA512
  
  a847812c6a415989af11153f586de6bbfe925c5d9373ba9e5abadd45c1df32425c1284e1ecc1d8ddaa7585063311e1118cc91e79b469845aa9f1be44c36afa87
- SSDEEP
  
  384:GBt7Br5xjL9AgA71Fbhv7bhv3KueKudLl++KF:W7BlpppARFbhjbhPKueKudLw1F
Score

9^/10

discovery ransomware
- Renames multiple (448) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware