1aea7e13980730f57ae3ae556e69008f43683625aabe3625f6becf8aa5dc76c8 | Triage

Sharing

General

Target

97f56ac09f9b371e994ba93bb90bf020N.exe
Size

48KB
Sample

240829-bhc7ksxgkl
MD5

97f56ac09f9b371e994ba93bb90bf020
SHA1

6cc8b5bad89b0ea91a98a190c03db7e6242119cc
SHA256

1aea7e13980730f57ae3ae556e69008f43683625aabe3625f6becf8aa5dc76c8
SHA512

1e1e72057cc9fa21b99b8b996a334ee843f0cddaa148385cd241f9704930324cf8e5e31b021ff3c240b46f19052e4b03e9400bf82b597f5d0071edf753536545
SSDEEP

768:W7BlpppARFbhHFoqAJwBqAJw1VyjVyhbabgNT:W7ZppApyVyjVyrNT

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  97f56ac09f9b371e994ba93bb90bf020N.exe
- Size
  
  48KB
- MD5
  
  97f56ac09f9b371e994ba93bb90bf020
- SHA1
  
  6cc8b5bad89b0ea91a98a190c03db7e6242119cc
- SHA256
  
  1aea7e13980730f57ae3ae556e69008f43683625aabe3625f6becf8aa5dc76c8
- SHA512
  
  1e1e72057cc9fa21b99b8b996a334ee843f0cddaa148385cd241f9704930324cf8e5e31b021ff3c240b46f19052e4b03e9400bf82b597f5d0071edf753536545
- SSDEEP
  
  768:W7BlpppARFbhHFoqAJwBqAJw1VyjVyhbabgNT:W7ZppApyVyjVyrNT
Score

9^/10

discovery ransomware
- Renames multiple (3221) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware