1fe33372b32e977a9af59ef7a0eeea8b6934499484d96bf8202ea2a42ab1eb41 | Triage

Sharing

General

Target

86e2011a29d9fa98f410eb23e0b7dba0N.exe
Size

74KB
Sample

240903-r38rzs1cld
MD5

86e2011a29d9fa98f410eb23e0b7dba0
SHA1

ddd14201ae7ab10f651282408fb9b4571df65bfc
SHA256

1fe33372b32e977a9af59ef7a0eeea8b6934499484d96bf8202ea2a42ab1eb41
SHA512

914d6a9ce8d8a6e186869c980c505d5b015e0c1412ccc037a5f2c954e2f25d1707201c149dfe98e7e66cbef6d022d412c4c28860b1d72011a853c93fa75dfa54
SSDEEP

768:W7BlpNLpARFbhblkYlkrt8xvEJf2s26K/A:W7ZNLpApCZrt8xvpo

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  86e2011a29d9fa98f410eb23e0b7dba0N.exe
- Size
  
  74KB
- MD5
  
  86e2011a29d9fa98f410eb23e0b7dba0
- SHA1
  
  ddd14201ae7ab10f651282408fb9b4571df65bfc
- SHA256
  
  1fe33372b32e977a9af59ef7a0eeea8b6934499484d96bf8202ea2a42ab1eb41
- SHA512
  
  914d6a9ce8d8a6e186869c980c505d5b015e0c1412ccc037a5f2c954e2f25d1707201c149dfe98e7e66cbef6d022d412c4c28860b1d72011a853c93fa75dfa54
- SSDEEP
  
  768:W7BlpNLpARFbhblkYlkrt8xvEJf2s26K/A:W7ZNLpApCZrt8xvpo
Score

9^/10

discovery ransomware
- Renames multiple (2966) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware