9434effcbb04859be42d38246c0e4cfb4fa329c9a4975506a33865182447f33c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4006749f44bdff17f7be647da1e784e0N.exe
Size

49KB
Sample

240822-htb7zsxdmj
MD5

4006749f44bdff17f7be647da1e784e0
SHA1

b3acdced246a80581836c0a658e188d5e58c9bd2
SHA256

9434effcbb04859be42d38246c0e4cfb4fa329c9a4975506a33865182447f33c
SHA512

07512a5a9b09cc4e5aead23e29af591b5ecc2c6bbf9a81e99e64eb9c538566ce31be272e5f6ed6b033c5e134feadd4ddeba7141d16baa46ac890055d6156857b
SSDEEP

384:GBt7Br5xjLvassAgA71FbhvYD/DCgAgMJ0sd333P3/+:W7Blp2sspARFbhnJ0ss

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  4006749f44bdff17f7be647da1e784e0N.exe
- Size
  
  49KB
- MD5
  
  4006749f44bdff17f7be647da1e784e0
- SHA1
  
  b3acdced246a80581836c0a658e188d5e58c9bd2
- SHA256
  
  9434effcbb04859be42d38246c0e4cfb4fa329c9a4975506a33865182447f33c
- SHA512
  
  07512a5a9b09cc4e5aead23e29af591b5ecc2c6bbf9a81e99e64eb9c538566ce31be272e5f6ed6b033c5e134feadd4ddeba7141d16baa46ac890055d6156857b
- SSDEEP
  
  384:GBt7Br5xjLvassAgA71FbhvYD/DCgAgMJ0sd333P3/+:W7Blp2sspARFbhnJ0ss
Score

9^/10

discovery ransomware
- Renames multiple (3440) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware