6488fee0ac2170dc063991f552dbdad1e3eaba52647bb4d5388f32dd77879e03 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6488fee0ac2170dc063991f552dbdad1e3eaba52647bb4d5388f32dd77879e03
Size

102KB
Sample

240825-2j6tds1bqq
MD5

3793e5d21dea92e4b62913b948326f8b
SHA1

8bb200593f4f555a6ae91ce4d408d1f73d1835fb
SHA256

6488fee0ac2170dc063991f552dbdad1e3eaba52647bb4d5388f32dd77879e03
SHA512

291d403dd8ee8f67bacb4971e26a815f968bc07deb5f02fadb44a56f128837cd63432b4ef8efb480933e497e85da1c9bc8c00080c0cc123386487a3b2f903f91
SSDEEP

1536:W7ZppApBULcfpHLcfpyDORfRk7ZppApBULcfpHLcfpyDORfRW:6pWpBwchcwDORfRkpWpBwchcwDORfRW

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  6488fee0ac2170dc063991f552dbdad1e3eaba52647bb4d5388f32dd77879e03
- Size
  
  102KB
- MD5
  
  3793e5d21dea92e4b62913b948326f8b
- SHA1
  
  8bb200593f4f555a6ae91ce4d408d1f73d1835fb
- SHA256
  
  6488fee0ac2170dc063991f552dbdad1e3eaba52647bb4d5388f32dd77879e03
- SHA512
  
  291d403dd8ee8f67bacb4971e26a815f968bc07deb5f02fadb44a56f128837cd63432b4ef8efb480933e497e85da1c9bc8c00080c0cc123386487a3b2f903f91
- SSDEEP
  
  1536:W7ZppApBULcfpHLcfpyDORfRk7ZppApBULcfpHLcfpyDORfRW:6pWpBwchcwDORfRkpWpBwchcwDORfRW
Score

9^/10

discovery ransomware
- Renames multiple (688) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware