e7a2c67402720ea8874568a98e13d1b286139f4a1bdd7f9ea7c6d89f25f5cfe2 | Triage

Sharing

General

Target

0cfaf9685f530f9b8882c4159275bb10N.exe
Size

194KB
Sample

240901-evp9fs1hja
MD5

0cfaf9685f530f9b8882c4159275bb10
SHA1

8ce3ff45b6a7ee4176815221b23cbf63c1ced6c1
SHA256

e7a2c67402720ea8874568a98e13d1b286139f4a1bdd7f9ea7c6d89f25f5cfe2
SHA512

65cad80357b50811569daab6261aed49788ce1e9085a4c0ea3f53633b6902a59792ee091c83ff149fea7599910d66f52b864f464a0ee71e1070d05185da16a37
SSDEEP

3072:6e7WpMNca3rytOkWpXfnYRl2l/9HSFHzJ0lBJTzkz:RqKB+tOkWKR0iJ0lTzkz

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  0cfaf9685f530f9b8882c4159275bb10N.exe
- Size
  
  194KB
- MD5
  
  0cfaf9685f530f9b8882c4159275bb10
- SHA1
  
  8ce3ff45b6a7ee4176815221b23cbf63c1ced6c1
- SHA256
  
  e7a2c67402720ea8874568a98e13d1b286139f4a1bdd7f9ea7c6d89f25f5cfe2
- SHA512
  
  65cad80357b50811569daab6261aed49788ce1e9085a4c0ea3f53633b6902a59792ee091c83ff149fea7599910d66f52b864f464a0ee71e1070d05185da16a37
- SSDEEP
  
  3072:6e7WpMNca3rytOkWpXfnYRl2l/9HSFHzJ0lBJTzkz:RqKB+tOkWKR0iJ0lTzkz
Score

9^/10

discovery ransomware
- Renames multiple (2691) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware