09ed8ebca0690c3c500e7d2af156c521d5cc7cdc9802b6418f078a51d18a3f4d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

46301d59fcc60d21312f1165439e1260N.exe
Size

87KB
Sample

240902-g1jd7svelc
MD5

46301d59fcc60d21312f1165439e1260
SHA1

180f317d7699c980577a11f4a0b39c0d3d605674
SHA256

09ed8ebca0690c3c500e7d2af156c521d5cc7cdc9802b6418f078a51d18a3f4d
SHA512

e7d9c36227b797e5b9fbd26707c812bc7eba41ebb0d02c9fc5f86cc93ff5437a44db16974b1958ef02ae78ea4333c5f393939a9febaa884cffd859e658c44af9
SSDEEP

768:W7Blp2sspARFbh5YSfff9n1oXKCqzEIn1oXKCqzEZ7Blp2sspARFbh5YSfff9n1k:W7Z2sspAp5YSfffy7Z2sspAp5YSfffM

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  46301d59fcc60d21312f1165439e1260N.exe
- Size
  
  87KB
- MD5
  
  46301d59fcc60d21312f1165439e1260
- SHA1
  
  180f317d7699c980577a11f4a0b39c0d3d605674
- SHA256
  
  09ed8ebca0690c3c500e7d2af156c521d5cc7cdc9802b6418f078a51d18a3f4d
- SHA512
  
  e7d9c36227b797e5b9fbd26707c812bc7eba41ebb0d02c9fc5f86cc93ff5437a44db16974b1958ef02ae78ea4333c5f393939a9febaa884cffd859e658c44af9
- SSDEEP
  
  768:W7Blp2sspARFbh5YSfff9n1oXKCqzEIn1oXKCqzEZ7Blp2sspARFbh5YSfff9n1k:W7Z2sspAp5YSfffy7Z2sspAp5YSfffM
Score

9^/10

discovery ransomware
- Renames multiple (4856) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware