f478feb9a00a99cb4a1d9c128d61df26a0ffe6e099fd41388d03d027908207ff | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a418c39500ba8d8c1fa43fa9c2b22880N.exe
Size

99KB
Sample

240901-t867fswhrh
MD5

a418c39500ba8d8c1fa43fa9c2b22880
SHA1

02d88406d4c9a187e299e50091f57f09db521fd9
SHA256

f478feb9a00a99cb4a1d9c128d61df26a0ffe6e099fd41388d03d027908207ff
SHA512

663425efd7c1229434bf1f69ae9dd8017b37fec8ef72f2bc22e22a01a2ce05f076bb9a891c138516edd2cbaedafa659738b0a24cab05f31ab0a848f055cf54de
SSDEEP

3072:6e7WpHIyRF9ESWu0SWujKsKRsP9fVL9ily:RqlIyFESWu0SWu86jYly

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  a418c39500ba8d8c1fa43fa9c2b22880N.exe
- Size
  
  99KB
- MD5
  
  a418c39500ba8d8c1fa43fa9c2b22880
- SHA1
  
  02d88406d4c9a187e299e50091f57f09db521fd9
- SHA256
  
  f478feb9a00a99cb4a1d9c128d61df26a0ffe6e099fd41388d03d027908207ff
- SHA512
  
  663425efd7c1229434bf1f69ae9dd8017b37fec8ef72f2bc22e22a01a2ce05f076bb9a891c138516edd2cbaedafa659738b0a24cab05f31ab0a848f055cf54de
- SSDEEP
  
  3072:6e7WpHIyRF9ESWu0SWujKsKRsP9fVL9ily:RqlIyFESWu0SWu86jYly
Score

9^/10

discovery ransomware
- Renames multiple (3071) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware