dbba965c06e3b61600fe11d1dccab8193b940caaa5ce109028c7b7815844e697 | Triage

Sharing

General

Target

806d1380900f45c7a06794ffcf2d6f50N.exe
Size

48KB
Sample

240829-e3lagatdnh
MD5

806d1380900f45c7a06794ffcf2d6f50
SHA1

ec8767e459d4426414b4c96ebf4503c1b7343b7a
SHA256

dbba965c06e3b61600fe11d1dccab8193b940caaa5ce109028c7b7815844e697
SHA512

ab82856adbacbbbcb83d45485d4f204a6f89ec0759635bb5b81ecb204647be01201ec82473d0ca50d6f8c8a202899ed0654b3787cd854dfc8025342b50d1da12
SSDEEP

768:W7BlpppARFbhjbhg42LcfpR42LcfproFNFXpK5c5khwRDThwRDiu7uG:W7ZppApBULcfpHLcfpyDA6swXwD

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  806d1380900f45c7a06794ffcf2d6f50N.exe
- Size
  
  48KB
- MD5
  
  806d1380900f45c7a06794ffcf2d6f50
- SHA1
  
  ec8767e459d4426414b4c96ebf4503c1b7343b7a
- SHA256
  
  dbba965c06e3b61600fe11d1dccab8193b940caaa5ce109028c7b7815844e697
- SHA512
  
  ab82856adbacbbbcb83d45485d4f204a6f89ec0759635bb5b81ecb204647be01201ec82473d0ca50d6f8c8a202899ed0654b3787cd854dfc8025342b50d1da12
- SSDEEP
  
  768:W7BlpppARFbhjbhg42LcfpR42LcfproFNFXpK5c5khwRDThwRDiu7uG:W7ZppApBULcfpHLcfpyDA6swXwD
Score

9^/10

discovery ransomware
- Renames multiple (3250) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware