a120d08d3014386efa0e068ca076c17c9262dc0e5e7e7ed172281db8ae3f449d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

485a7591e625aa42136ad0eb84cb3110N.exe
Size

64KB
Sample

240824-q65n3ashnf
MD5

485a7591e625aa42136ad0eb84cb3110
SHA1

79ecbac07cca043a6e59c9bbfbd3601eb5ebf1c1
SHA256

a120d08d3014386efa0e068ca076c17c9262dc0e5e7e7ed172281db8ae3f449d
SHA512

ca44144406a35b2fa6e5a50934b1c0d71465c53c4086122d37b2e6b3e60c5d51dbfe4da9356b16048e1ecc94874a980231258038a79c8221690a6a0b83e03b43
SSDEEP

768:W7BlpNLpARFbhblkYlkuvIYFdm0rEt0rEkEXBwzEXBwAh6H:W7ZNLpApCZuvIYXmdtd9hw

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  485a7591e625aa42136ad0eb84cb3110N.exe
- Size
  
  64KB
- MD5
  
  485a7591e625aa42136ad0eb84cb3110
- SHA1
  
  79ecbac07cca043a6e59c9bbfbd3601eb5ebf1c1
- SHA256
  
  a120d08d3014386efa0e068ca076c17c9262dc0e5e7e7ed172281db8ae3f449d
- SHA512
  
  ca44144406a35b2fa6e5a50934b1c0d71465c53c4086122d37b2e6b3e60c5d51dbfe4da9356b16048e1ecc94874a980231258038a79c8221690a6a0b83e03b43
- SSDEEP
  
  768:W7BlpNLpARFbhblkYlkuvIYFdm0rEt0rEkEXBwzEXBwAh6H:W7ZNLpApCZuvIYXmdtd9hw
Score

9^/10

discovery ransomware
- Renames multiple (3151) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware