20fd99199312e1b551a54649c3bb7803e4f9213d98b492003f5a1a7f80c735e8 | Triage

Sharing

General

Target

20fd99199312e1b551a54649c3bb7803e4f9213d98b492003f5a1a7f80c735e8
Size

47KB
Sample

240825-yemyya1ekg
MD5

4aa940de38e334f3830dcec55db92f46
SHA1

57305b8da79ccd2dbc34d337bf7950b6f27f0380
SHA256

20fd99199312e1b551a54649c3bb7803e4f9213d98b492003f5a1a7f80c735e8
SHA512

837b22b420b477c1931b8be882f86e9e0db861d793e6e2345d553cc1a4f9d13166eda8ba73fc90c0b1e16c13ed8538905829c7867ceebd453d6cda618294142d
SSDEEP

768:/7BlpQpARFbhsYcUYcwaVl2di1xzaVl2di1xDw9:/7ZQpApsYcUYcwaVowfaVowM

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  20fd99199312e1b551a54649c3bb7803e4f9213d98b492003f5a1a7f80c735e8
- Size
  
  47KB
- MD5
  
  4aa940de38e334f3830dcec55db92f46
- SHA1
  
  57305b8da79ccd2dbc34d337bf7950b6f27f0380
- SHA256
  
  20fd99199312e1b551a54649c3bb7803e4f9213d98b492003f5a1a7f80c735e8
- SHA512
  
  837b22b420b477c1931b8be882f86e9e0db861d793e6e2345d553cc1a4f9d13166eda8ba73fc90c0b1e16c13ed8538905829c7867ceebd453d6cda618294142d
- SSDEEP
  
  768:/7BlpQpARFbhsYcUYcwaVl2di1xzaVl2di1xDw9:/7ZQpApsYcUYcwaVowfaVowM
Score

9^/10

discovery ransomware
- Renames multiple (454) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware