381843b9308f72ca7c5f52dcd3581484ad2184468dcf1d843d651d11add961af | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d7f422393d0749d544cb603abfd3dbb0N.exe
Size

102KB
Sample

240829-n6erjazfqd
MD5

d7f422393d0749d544cb603abfd3dbb0
SHA1

71470207bbc3fa4a0176552644fc2c7a21e567ac
SHA256

381843b9308f72ca7c5f52dcd3581484ad2184468dcf1d843d651d11add961af
SHA512

633f45bcc44789c8326f89ece4cc317d138901af72c5640bb71fb61b2b1444d6f3a46daf927393698117b80b0926d06707965c9e3d76e43edc8a8d5de04d46de
SSDEEP

3072:6e7WpHIyRF9ESWu0SWujKsKRsP9fVL9ilg9e96:RqlIyFESWu0SWu86jYls

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  d7f422393d0749d544cb603abfd3dbb0N.exe
- Size
  
  102KB
- MD5
  
  d7f422393d0749d544cb603abfd3dbb0
- SHA1
  
  71470207bbc3fa4a0176552644fc2c7a21e567ac
- SHA256
  
  381843b9308f72ca7c5f52dcd3581484ad2184468dcf1d843d651d11add961af
- SHA512
  
  633f45bcc44789c8326f89ece4cc317d138901af72c5640bb71fb61b2b1444d6f3a46daf927393698117b80b0926d06707965c9e3d76e43edc8a8d5de04d46de
- SSDEEP
  
  3072:6e7WpHIyRF9ESWu0SWujKsKRsP9fVL9ilg9e96:RqlIyFESWu0SWu86jYls
Score

9^/10

discovery ransomware
- Renames multiple (2852) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware