4b4c2d379e566639ff0aede57523f1637fd6058efd9150ce3c43bb8ca93e2c10 | Triage

Sharing

General

Target

1a5f56120541ac016ef283ccef46a890N.exe
Size

42KB
Sample

240901-1ce7essbqr
MD5

1a5f56120541ac016ef283ccef46a890
SHA1

16e5efdf8f30b7d91ae8c4a5a522a3853b972f8e
SHA256

4b4c2d379e566639ff0aede57523f1637fd6058efd9150ce3c43bb8ca93e2c10
SHA512

63c9ddca1aa0aa8fa32ad0e98f83d40e7bb3630ae6ba6cdcf586b222e871e5c0046f6a7b0d3077c3080e0a4e212173a39d1d5c5fdb98ec3a5c2f1ef509167a0a
SSDEEP

384:GBt7Br5xjLdbAAgA71FbhvU8g0U0fL+8t8YwTZ18VwdZ353aZ353F:W7Blp+pARFbhBgnKL+8t8NZ/353e353F

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  1a5f56120541ac016ef283ccef46a890N.exe
- Size
  
  42KB
- MD5
  
  1a5f56120541ac016ef283ccef46a890
- SHA1
  
  16e5efdf8f30b7d91ae8c4a5a522a3853b972f8e
- SHA256
  
  4b4c2d379e566639ff0aede57523f1637fd6058efd9150ce3c43bb8ca93e2c10
- SHA512
  
  63c9ddca1aa0aa8fa32ad0e98f83d40e7bb3630ae6ba6cdcf586b222e871e5c0046f6a7b0d3077c3080e0a4e212173a39d1d5c5fdb98ec3a5c2f1ef509167a0a
- SSDEEP
  
  384:GBt7Br5xjLdbAAgA71FbhvU8g0U0fL+8t8YwTZ18VwdZ353aZ353F:W7Blp+pARFbhBgnKL+8t8NZ/353e353F
Score

9^/10

discovery ransomware
- Renames multiple (3284) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware