a2d7724ec81f8d5848d62935cc7cc21dbd43d3872327903c81bf0e2103d5544a | Triage

Sharing

General

Target

a2d7724ec81f8d5848d62935cc7cc21dbd43d3872327903c81bf0e2103d5544a
Size

83KB
Sample

240902-ccbl8szara
MD5

6329ce080a04b88f09e0f6fe633a9a91
SHA1

1fa8f2542f4318a3bc98e0355fb18a31610019a0
SHA256

a2d7724ec81f8d5848d62935cc7cc21dbd43d3872327903c81bf0e2103d5544a
SHA512

24da75bcebc7a9e83b4e51526a842405f511e9f02aa1c1689b214aea31ebc362e5c2c766edca20b09ffac9eebb3a439949915f085c782a58e6735d13d0cb5740
SSDEEP

1536:W7ZppApBULcfpHLcfpyDJ7ZppApBULcfpHLcfpyD3:6pWpBwchcwDzpWpBwchcwD3

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  a2d7724ec81f8d5848d62935cc7cc21dbd43d3872327903c81bf0e2103d5544a
- Size
  
  83KB
- MD5
  
  6329ce080a04b88f09e0f6fe633a9a91
- SHA1
  
  1fa8f2542f4318a3bc98e0355fb18a31610019a0
- SHA256
  
  a2d7724ec81f8d5848d62935cc7cc21dbd43d3872327903c81bf0e2103d5544a
- SHA512
  
  24da75bcebc7a9e83b4e51526a842405f511e9f02aa1c1689b214aea31ebc362e5c2c766edca20b09ffac9eebb3a439949915f085c782a58e6735d13d0cb5740
- SSDEEP
  
  1536:W7ZppApBULcfpHLcfpyDJ7ZppApBULcfpHLcfpyD3:6pWpBwchcwDzpWpBwchcwD3
Score

9^/10

discovery ransomware
- Renames multiple (3911) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware