50e6ae2379c3850e13d142558a8499f99708efa9202e6063a26bb8021937b9c1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

61594586e1d34ee7c034d4362a487020N.exe
Size

40KB
Sample

240829-chhyhaybkd
MD5

61594586e1d34ee7c034d4362a487020
SHA1

752193c184f9e02aaeb42e9e117044ddd2208444
SHA256

50e6ae2379c3850e13d142558a8499f99708efa9202e6063a26bb8021937b9c1
SHA512

2291da3ab8d0ee262b1ba3dc838d6d16d996060906a128b4ff8d687a4fb4716f1ea3c369c7dcdc09828b3d35a6bb7c2f59185edda9eda05419fd5634b0d479f8
SSDEEP

384:GBt7Br5xjL9AgA71Fbhv7bhv3KueKudLl++KdcLUA38gdcLUA38gl:W7BlpppARFbhjbhPKueKudLw1b

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  61594586e1d34ee7c034d4362a487020N.exe
- Size
  
  40KB
- MD5
  
  61594586e1d34ee7c034d4362a487020
- SHA1
  
  752193c184f9e02aaeb42e9e117044ddd2208444
- SHA256
  
  50e6ae2379c3850e13d142558a8499f99708efa9202e6063a26bb8021937b9c1
- SHA512
  
  2291da3ab8d0ee262b1ba3dc838d6d16d996060906a128b4ff8d687a4fb4716f1ea3c369c7dcdc09828b3d35a6bb7c2f59185edda9eda05419fd5634b0d479f8
- SSDEEP
  
  384:GBt7Br5xjL9AgA71Fbhv7bhv3KueKudLl++KdcLUA38gdcLUA38gl:W7BlpppARFbhjbhPKueKudLw1b
Score

9^/10

discovery ransomware
- Renames multiple (485) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware