e787f703d877b9aa0c7724fcc5d6d996c0c152f0e553e22d1e6c61429b1178f0 | Triage

Sharing

General

Target

e787f703d877b9aa0c7724fcc5d6d996c0c152f0e553e22d1e6c61429b1178f0
Size

42KB
Sample

240825-herzws1hmn
MD5

47ca3e27df241b211eaf42bc68ce681a
SHA1

2a233f6f4d8bfdfa1355e4dbb23b679145f72ea5
SHA256

e787f703d877b9aa0c7724fcc5d6d996c0c152f0e553e22d1e6c61429b1178f0
SHA512

f5fd2aaca24cafe775f3ae4c5d4699e1a756357a217b2e56e952f040e4f1b090499d7d90fb21ee4c6c552460d182ed92f20068fbb846211eeda2742f28fc5f9c
SSDEEP

384:yBs7Br5xjL8AgA71Fbhv/FzzwzDojo4jZj8:/7BlpQpARFbhNIDojop

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  e787f703d877b9aa0c7724fcc5d6d996c0c152f0e553e22d1e6c61429b1178f0
- Size
  
  42KB
- MD5
  
  47ca3e27df241b211eaf42bc68ce681a
- SHA1
  
  2a233f6f4d8bfdfa1355e4dbb23b679145f72ea5
- SHA256
  
  e787f703d877b9aa0c7724fcc5d6d996c0c152f0e553e22d1e6c61429b1178f0
- SHA512
  
  f5fd2aaca24cafe775f3ae4c5d4699e1a756357a217b2e56e952f040e4f1b090499d7d90fb21ee4c6c552460d182ed92f20068fbb846211eeda2742f28fc5f9c
- SSDEEP
  
  384:yBs7Br5xjL8AgA71Fbhv/FzzwzDojo4jZj8:/7BlpQpARFbhNIDojop
Score

9^/10

discovery ransomware
- Renames multiple (3776) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware