e390027874b524f6cd679ab8dfc56f002d649ba21d9afdd00de15d3468282122 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a347967a6fa845399e0e95db22b4c700N.exe
Size

38KB
Sample

240821-y417vsydja
MD5

a347967a6fa845399e0e95db22b4c700
SHA1

cb091d6463b37cf2b8b7e0f7e7dfc13e558e6666
SHA256

e390027874b524f6cd679ab8dfc56f002d649ba21d9afdd00de15d3468282122
SHA512

7d3593fa11dbf19ce2522a5cd48423fdd6e9af85e04cd88f275b551ea9c6ef0e50f05a08ec5c7da799541b9ff5b5b25aaba047cde86feb6894a51d44ff5933ac
SSDEEP

384:yBs7Br5xjL8AgA71Fbhva4S04SB2Js2JB:/7BlpQpARFbhS101kJ1JB

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  a347967a6fa845399e0e95db22b4c700N.exe
- Size
  
  38KB
- MD5
  
  a347967a6fa845399e0e95db22b4c700
- SHA1
  
  cb091d6463b37cf2b8b7e0f7e7dfc13e558e6666
- SHA256
  
  e390027874b524f6cd679ab8dfc56f002d649ba21d9afdd00de15d3468282122
- SHA512
  
  7d3593fa11dbf19ce2522a5cd48423fdd6e9af85e04cd88f275b551ea9c6ef0e50f05a08ec5c7da799541b9ff5b5b25aaba047cde86feb6894a51d44ff5933ac
- SSDEEP
  
  384:yBs7Br5xjL8AgA71Fbhva4S04SB2Js2JB:/7BlpQpARFbhS101kJ1JB
Score

9^/10

discovery ransomware
- Renames multiple (3292) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware