e40797c223d19fa9767d43c07a2c0fc77b7e9065d4f3b7b0ac79732524486a5c | Triage

Sharing

General

Target

b604c3d517160e8e2eacc8b9344d7060N.exe
Size

85KB
Sample

240902-zk6tnsxgqf
MD5

b604c3d517160e8e2eacc8b9344d7060
SHA1

e23195444eb511a8401bbe3237eaaa030d1e2dbe
SHA256

e40797c223d19fa9767d43c07a2c0fc77b7e9065d4f3b7b0ac79732524486a5c
SHA512

bce665857a4ca00cd3859e588a70081bda7f5ba50f8844e8c8275824f4fd1ffaa37a824d1ee83ddf7da90d219d5915719e003d7630de91ace759d25725a61219
SSDEEP

1536:W7Z2sspAp5YSfffynKDkEDk07Z2sspAp5YSfffynKDkEDk9:62ssWpKnD102ssWpKnD19

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  b604c3d517160e8e2eacc8b9344d7060N.exe
- Size
  
  85KB
- MD5
  
  b604c3d517160e8e2eacc8b9344d7060
- SHA1
  
  e23195444eb511a8401bbe3237eaaa030d1e2dbe
- SHA256
  
  e40797c223d19fa9767d43c07a2c0fc77b7e9065d4f3b7b0ac79732524486a5c
- SHA512
  
  bce665857a4ca00cd3859e588a70081bda7f5ba50f8844e8c8275824f4fd1ffaa37a824d1ee83ddf7da90d219d5915719e003d7630de91ace759d25725a61219
- SSDEEP
  
  1536:W7Z2sspAp5YSfffynKDkEDk07Z2sspAp5YSfffynKDkEDk9:62ssWpKnD102ssWpKnD19
Score

9^/10

discovery ransomware
- Renames multiple (4887) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware