80e2fcd6255f513ac13c879f9461449baee8f16e66f59a77e628e3a645162d1d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e32e3c628b8630b6350519fe6daa7250N.exe
Size

52KB
Sample

240821-vlyggatenk
MD5

e32e3c628b8630b6350519fe6daa7250
SHA1

f666c4ed5b137c91c0d8eb7a09e9fe9946147a44
SHA256

80e2fcd6255f513ac13c879f9461449baee8f16e66f59a77e628e3a645162d1d
SHA512

c490f2f8f67ea2b4cf75bc05587e9c05ba5df2ddef533c3c20b2addc8cca7f353def2882c1c1438af11aaddba013b23f04b4188830168154d1f1fb2f64c3e69a
SSDEEP

384:GBt7Br5xjL9A7AgA71FbhvnIH2YsTKnKqtaW3WaEdW3WHY3SjSFvs7j:W7BlphA7pARFbhvOsTKnKqtkYi+Fvm

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  e32e3c628b8630b6350519fe6daa7250N.exe
- Size
  
  52KB
- MD5
  
  e32e3c628b8630b6350519fe6daa7250
- SHA1
  
  f666c4ed5b137c91c0d8eb7a09e9fe9946147a44
- SHA256
  
  80e2fcd6255f513ac13c879f9461449baee8f16e66f59a77e628e3a645162d1d
- SHA512
  
  c490f2f8f67ea2b4cf75bc05587e9c05ba5df2ddef533c3c20b2addc8cca7f353def2882c1c1438af11aaddba013b23f04b4188830168154d1f1fb2f64c3e69a
- SSDEEP
  
  384:GBt7Br5xjL9A7AgA71FbhvnIH2YsTKnKqtaW3WaEdW3WHY3SjSFvs7j:W7BlphA7pARFbhvOsTKnKqtkYi+Fvm
Score

9^/10

discovery ransomware
- Renames multiple (3346) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware