bda3e07595e700cb326d344f7aa5fb5e3ba7c925bf4a17f026d3fdc6247af881 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

23c0afa45514a85283afe3fa9dd59700N.exe
Size

39KB
Sample

240903-z32yfaxcnj
MD5

23c0afa45514a85283afe3fa9dd59700
SHA1

4f096c32124e0919b32f7de88b382c0af145e537
SHA256

bda3e07595e700cb326d344f7aa5fb5e3ba7c925bf4a17f026d3fdc6247af881
SHA512

baf8942820e1c3cba6887c7009a7b40b33a9ad4455374014aae949009ce7fe4cf81958b48cb5f6cc618f17df2e86780f8ccecd0ab577898e188ebe3375b07230
SSDEEP

384:GBt7Br5xjL9AgA71Fbhv7bhv3KueKudLl++KR2U27F6Vi28gfF6Vi28gF:W7BlpppARFbhjbhPKueKudLw1M

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  23c0afa45514a85283afe3fa9dd59700N.exe
- Size
  
  39KB
- MD5
  
  23c0afa45514a85283afe3fa9dd59700
- SHA1
  
  4f096c32124e0919b32f7de88b382c0af145e537
- SHA256
  
  bda3e07595e700cb326d344f7aa5fb5e3ba7c925bf4a17f026d3fdc6247af881
- SHA512
  
  baf8942820e1c3cba6887c7009a7b40b33a9ad4455374014aae949009ce7fe4cf81958b48cb5f6cc618f17df2e86780f8ccecd0ab577898e188ebe3375b07230
- SSDEEP
  
  384:GBt7Br5xjL9AgA71Fbhv7bhv3KueKudLl++KR2U27F6Vi28gfF6Vi28gF:W7BlpppARFbhjbhPKueKudLw1M
Score

9^/10

discovery ransomware
- Renames multiple (3447) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware