d70c5b570227615c0e4942676d526cd06aefe09b48df8ec035eeb3797a77c366 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3a4c0cfe3fe8aa6de634ac12114b7050N.exe
Size

56KB
Sample

240904-amq4kasdle
MD5

3a4c0cfe3fe8aa6de634ac12114b7050
SHA1

c2a0bd3aff33bddc817c7a3753680ffc7ab7569e
SHA256

d70c5b570227615c0e4942676d526cd06aefe09b48df8ec035eeb3797a77c366
SHA512

8cd5ee229a21960126d37f76ff178d2c2da7451273e9e6b4be2f1be6c58770e4b5b95e6e9b820dbad62fda6d11b9debd6b21919f2e8ebe3190ba3169d6aeb930
SSDEEP

384:GBt7Br5xjL9AgA71Fbhv7bhvo42L5FgAytBVRs0QaSu+x0QaSu+n:W7BlpppARFbhjbhg42LcfRStuStn

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  3a4c0cfe3fe8aa6de634ac12114b7050N.exe
- Size
  
  56KB
- MD5
  
  3a4c0cfe3fe8aa6de634ac12114b7050
- SHA1
  
  c2a0bd3aff33bddc817c7a3753680ffc7ab7569e
- SHA256
  
  d70c5b570227615c0e4942676d526cd06aefe09b48df8ec035eeb3797a77c366
- SHA512
  
  8cd5ee229a21960126d37f76ff178d2c2da7451273e9e6b4be2f1be6c58770e4b5b95e6e9b820dbad62fda6d11b9debd6b21919f2e8ebe3190ba3169d6aeb930
- SSDEEP
  
  384:GBt7Br5xjL9AgA71Fbhv7bhvo42L5FgAytBVRs0QaSu+x0QaSu+n:W7BlpppARFbhjbhg42LcfRStuStn
Score

9^/10

discovery ransomware
- Renames multiple (2882) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware