0d3b08f3eed076b0082c9d4963ef0cda4ce0ea8018fc9db3cb5fd2e8ae566f98 | Triage

Sharing

General

Target

1c0263a1f9f39bb838c28dc8d55a9b30N.exe
Size

55KB
Sample

240829-pccwhs1ang
MD5

1c0263a1f9f39bb838c28dc8d55a9b30
SHA1

fbcef63b65215da6524a9c3c9c6a083098aa3a78
SHA256

0d3b08f3eed076b0082c9d4963ef0cda4ce0ea8018fc9db3cb5fd2e8ae566f98
SHA512

5c8a13940b8604563d0e2e37e3fa7874e3f6287ed2256d86fb5f7a20a5df85dfa579fb11e1e0275f581c36aee388bc66add6d85932c7f2e37d3847f638562945
SSDEEP

1536:W7ZhA7pApM21LOA1LO2c6b25gc6b25uCrbpSvr5UNW:6e7WpMgLOiLO2c6b25gc6b25u

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  1c0263a1f9f39bb838c28dc8d55a9b30N.exe
- Size
  
  55KB
- MD5
  
  1c0263a1f9f39bb838c28dc8d55a9b30
- SHA1
  
  fbcef63b65215da6524a9c3c9c6a083098aa3a78
- SHA256
  
  0d3b08f3eed076b0082c9d4963ef0cda4ce0ea8018fc9db3cb5fd2e8ae566f98
- SHA512
  
  5c8a13940b8604563d0e2e37e3fa7874e3f6287ed2256d86fb5f7a20a5df85dfa579fb11e1e0275f581c36aee388bc66add6d85932c7f2e37d3847f638562945
- SSDEEP
  
  1536:W7ZhA7pApM21LOA1LO2c6b25gc6b25uCrbpSvr5UNW:6e7WpMgLOiLO2c6b25gc6b25u
Score

9^/10

discovery ransomware
- Renames multiple (3261) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware