ec6082ab581498db0c921c6fe43c625b9d8a66869a6f3e42e25b7d45bd5da990 | Triage

Sharing

General

Target

954ca6466028eca8d80e7b2ee1c85e60N.exe
Size

621KB
Sample

240829-erkvkavdpk
MD5

954ca6466028eca8d80e7b2ee1c85e60
SHA1

ecfe9019cfc51478640ca570f575c56e3e986cec
SHA256

ec6082ab581498db0c921c6fe43c625b9d8a66869a6f3e42e25b7d45bd5da990
SHA512

d1b3077385fc615b93f629d069859c25f6a23d2f570e280c0ece6d73c794cf0be6d3d93292973feb74a3ce4c9dbb85aa6a7855fc85e282ae65aab94d002b8477
SSDEEP

12288:Ck2ZkNvUKvWAWmIJY/83gai1hr/+IRdyC3wy7c6V0wR:CvumKDs4801RIC3f7c6V0w

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  954ca6466028eca8d80e7b2ee1c85e60N.exe
- Size
  
  621KB
- MD5
  
  954ca6466028eca8d80e7b2ee1c85e60
- SHA1
  
  ecfe9019cfc51478640ca570f575c56e3e986cec
- SHA256
  
  ec6082ab581498db0c921c6fe43c625b9d8a66869a6f3e42e25b7d45bd5da990
- SHA512
  
  d1b3077385fc615b93f629d069859c25f6a23d2f570e280c0ece6d73c794cf0be6d3d93292973feb74a3ce4c9dbb85aa6a7855fc85e282ae65aab94d002b8477
- SSDEEP
  
  12288:Ck2ZkNvUKvWAWmIJY/83gai1hr/+IRdyC3wy7c6V0wR:CvumKDs4801RIC3f7c6V0w
Score

9^/10

discovery ransomware
- Renames multiple (1093) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware