3941b8822b8b4ae26537dbaf5805c731287c0ad5a69b5fc2c45f7c717da66feb | Triage

Sharing

General

Target

6d05038dfeaf2810458845c011c99200N.exe
Size

195KB
Sample

240821-sls6msyfrp
MD5

6d05038dfeaf2810458845c011c99200
SHA1

5270cbf231fe44666787cef0aa5c5aadcbf59eac
SHA256

3941b8822b8b4ae26537dbaf5805c731287c0ad5a69b5fc2c45f7c717da66feb
SHA512

314a7af33c870c8879b6512d7d27392656eee564fe56bf79c509c30c24e1117ebed018295e515541bea63e8d79b198a51f3e2791bbb101c046359c962b0811d7
SSDEEP

3072:6e7WpMNca3rytOkWpXfnYRl2l/9HSFHzJ0lBJTzkZ:RqKB+tOkWKR0iJ0lTzkZ

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  6d05038dfeaf2810458845c011c99200N.exe
- Size
  
  195KB
- MD5
  
  6d05038dfeaf2810458845c011c99200
- SHA1
  
  5270cbf231fe44666787cef0aa5c5aadcbf59eac
- SHA256
  
  3941b8822b8b4ae26537dbaf5805c731287c0ad5a69b5fc2c45f7c717da66feb
- SHA512
  
  314a7af33c870c8879b6512d7d27392656eee564fe56bf79c509c30c24e1117ebed018295e515541bea63e8d79b198a51f3e2791bbb101c046359c962b0811d7
- SSDEEP
  
  3072:6e7WpMNca3rytOkWpXfnYRl2l/9HSFHzJ0lBJTzkZ:RqKB+tOkWKR0iJ0lTzkZ
Score

9^/10

discovery ransomware
- Renames multiple (2661) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware