760b31963eec53e5b3bff84c7e81737fc811ca09104499ccdf4f227abaf16195 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

df05e2156d4d18e333aa782a813f4dc0N.exe
Size

92KB
Sample

240902-mbdejsxgqp
MD5

df05e2156d4d18e333aa782a813f4dc0
SHA1

29baa7815438f156bfb56cc46b52e6acc7f7f9a7
SHA256

760b31963eec53e5b3bff84c7e81737fc811ca09104499ccdf4f227abaf16195
SHA512

50afc625ea2e2e307d1028852ee26a9f94157d858c9854cfc7e7ff50cc511969eb865555936bf96632c95e95f3ebd06464ca71388312b4eb7ded869fd471b21e
SSDEEP

1536:W7Z2sspAp5YSfffynKDkEDkHp7Z2sspAp5YSfffynKDkEDkHe:62ssWpKnD1z2ssWpKnD1+

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  df05e2156d4d18e333aa782a813f4dc0N.exe
- Size
  
  92KB
- MD5
  
  df05e2156d4d18e333aa782a813f4dc0
- SHA1
  
  29baa7815438f156bfb56cc46b52e6acc7f7f9a7
- SHA256
  
  760b31963eec53e5b3bff84c7e81737fc811ca09104499ccdf4f227abaf16195
- SHA512
  
  50afc625ea2e2e307d1028852ee26a9f94157d858c9854cfc7e7ff50cc511969eb865555936bf96632c95e95f3ebd06464ca71388312b4eb7ded869fd471b21e
- SSDEEP
  
  1536:W7Z2sspAp5YSfffynKDkEDkHp7Z2sspAp5YSfffynKDkEDkHe:62ssWpKnD1z2ssWpKnD1+
Score

9^/10

discovery ransomware
- Renames multiple (4482) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware