2f1d56cfbd7b75d0d1056d6a0c2e83188d8ce5251123681b0c5c9ff3d8451dea | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d4634fa84f6500db2e412ba554ef1d80N.exe
Size

157KB
Sample

240904-f8y9yswhlf
MD5

d4634fa84f6500db2e412ba554ef1d80
SHA1

d9df81f72f6e73cb0e759c4cdde9547f354a7eb9
SHA256

2f1d56cfbd7b75d0d1056d6a0c2e83188d8ce5251123681b0c5c9ff3d8451dea
SHA512

ff04e1aeb963c025d79f4d4fd7317160a5df4755389f03e28539b3d51e985cac70531275b5e3864fd9c2c7b98b0ce3fec17f655fd50ecf27ff31a75edbd7ed8f
SSDEEP

3072:6pWpUFpEhLfyBtPf50FWkFpPDze/qFsxEhLfyBtPf50FWkFpPDze/qFMEhLfyBt5:PqFh2Ie+ePLu

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  d4634fa84f6500db2e412ba554ef1d80N.exe
- Size
  
  157KB
- MD5
  
  d4634fa84f6500db2e412ba554ef1d80
- SHA1
  
  d9df81f72f6e73cb0e759c4cdde9547f354a7eb9
- SHA256
  
  2f1d56cfbd7b75d0d1056d6a0c2e83188d8ce5251123681b0c5c9ff3d8451dea
- SHA512
  
  ff04e1aeb963c025d79f4d4fd7317160a5df4755389f03e28539b3d51e985cac70531275b5e3864fd9c2c7b98b0ce3fec17f655fd50ecf27ff31a75edbd7ed8f
- SSDEEP
  
  3072:6pWpUFpEhLfyBtPf50FWkFpPDze/qFsxEhLfyBtPf50FWkFpPDze/qFMEhLfyBt5:PqFh2Ie+ePLu
Score

9^/10

discovery ransomware
- Renames multiple (2841) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware