31fd1454c9dcfa04ed0b2b48b99fa17c46af72cdd14f2e2de8629064ae0aac69 | Triage

Sharing

General

Target

36e0e2abcbc9d58f75be09be8e602910N.exe
Size

108KB
Sample

240822-yadjpswhkr
MD5

36e0e2abcbc9d58f75be09be8e602910
SHA1

9bdb16d1182fdbd2e9ba6b1e1aed2ba72a8ef93a
SHA256

31fd1454c9dcfa04ed0b2b48b99fa17c46af72cdd14f2e2de8629064ae0aac69
SHA512

b51c67d6988a15337ff5a5d462276e61ac74f80a31c7155226dab6cbebe678b9b08fd99f355caf228c0d79d3709cd0d7d209833a123b410780d7a4086209507e
SSDEEP

3072:6pWpUFpEhLfyBtPf50FWkFpPDze/qFsxEhLfyBtPf50FWkFpPDze/qFslEhLfyBR:PqFF2Ie+efsim2QF

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  36e0e2abcbc9d58f75be09be8e602910N.exe
- Size
  
  108KB
- MD5
  
  36e0e2abcbc9d58f75be09be8e602910
- SHA1
  
  9bdb16d1182fdbd2e9ba6b1e1aed2ba72a8ef93a
- SHA256
  
  31fd1454c9dcfa04ed0b2b48b99fa17c46af72cdd14f2e2de8629064ae0aac69
- SHA512
  
  b51c67d6988a15337ff5a5d462276e61ac74f80a31c7155226dab6cbebe678b9b08fd99f355caf228c0d79d3709cd0d7d209833a123b410780d7a4086209507e
- SSDEEP
  
  3072:6pWpUFpEhLfyBtPf50FWkFpPDze/qFsxEhLfyBtPf50FWkFpPDze/qFslEhLfyBR:PqFF2Ie+efsim2QF
Score

9^/10

discovery ransomware
- Renames multiple (2887) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware