adcd06d57bafe27b630bea7c8fafabb7e51c783bb45d1f7168cc9a2177c503a5 | Triage

Sharing

General

Target

b749026dfb6862ff9ca3958b4c3f5a00N.exe
Size

98KB
Sample

240902-h3k69avelm
MD5

b749026dfb6862ff9ca3958b4c3f5a00
SHA1

058ca768f0576efaf3eb56290c66a0d38e8d665d
SHA256

adcd06d57bafe27b630bea7c8fafabb7e51c783bb45d1f7168cc9a2177c503a5
SHA512

50669d2396efbe0464857e2e6f211faf21458aa5961a64f8bb63bfb28ab491bdaf1ee661c8c729e7d987b30be2dbb6aea1ed7499b92afe52d8a1064d1c8d1abd
SSDEEP

1536:W7ZppApBULcfpHLcfpyDc7ZppApBULcfpHLcfpyD7:6pWpBwchcwDcpWpBwchcwD7

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  b749026dfb6862ff9ca3958b4c3f5a00N.exe
- Size
  
  98KB
- MD5
  
  b749026dfb6862ff9ca3958b4c3f5a00
- SHA1
  
  058ca768f0576efaf3eb56290c66a0d38e8d665d
- SHA256
  
  adcd06d57bafe27b630bea7c8fafabb7e51c783bb45d1f7168cc9a2177c503a5
- SHA512
  
  50669d2396efbe0464857e2e6f211faf21458aa5961a64f8bb63bfb28ab491bdaf1ee661c8c729e7d987b30be2dbb6aea1ed7499b92afe52d8a1064d1c8d1abd
- SSDEEP
  
  1536:W7ZppApBULcfpHLcfpyDc7ZppApBULcfpHLcfpyD7:6pWpBwchcwDcpWpBwchcwD7
Score

9^/10

discovery ransomware
- Renames multiple (4723) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware