f34b93b22b2d33f993c26d825702c8a3b5f0d03f4353d4e8eb84fc0fb5cb38ca | Triage

Sharing

General

Target

294e116bd98fab798d70c8343f132ec0N.exe
Size

79KB
Sample

240902-dmnvzs1dna
MD5

294e116bd98fab798d70c8343f132ec0
SHA1

7d7eae2c22cef5fa24144cba7ca4c65bdda7f516
SHA256

f34b93b22b2d33f993c26d825702c8a3b5f0d03f4353d4e8eb84fc0fb5cb38ca
SHA512

e9a2f7452bc4ea182972a105bbd71dd80da0dd8a47c61afd46cf193b80b1bab3fc95c22bfe581605a6e6767e396ad546d27168a23d996e76791b58c85820f0ab
SSDEEP

768:W7Blp+pARFbhBgnKL+8t8NZk7Blp+pARFbhBgnKL+8t8NZi:W7Z+pAp2nKLR7Z+pAp2nKLN

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  294e116bd98fab798d70c8343f132ec0N.exe
- Size
  
  79KB
- MD5
  
  294e116bd98fab798d70c8343f132ec0
- SHA1
  
  7d7eae2c22cef5fa24144cba7ca4c65bdda7f516
- SHA256
  
  f34b93b22b2d33f993c26d825702c8a3b5f0d03f4353d4e8eb84fc0fb5cb38ca
- SHA512
  
  e9a2f7452bc4ea182972a105bbd71dd80da0dd8a47c61afd46cf193b80b1bab3fc95c22bfe581605a6e6767e396ad546d27168a23d996e76791b58c85820f0ab
- SSDEEP
  
  768:W7Blp+pARFbhBgnKL+8t8NZk7Blp+pARFbhBgnKL+8t8NZi:W7Z+pAp2nKLR7Z+pAp2nKLN
Score

9^/10

discovery ransomware
- Renames multiple (4900) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware