9452555e763622934b4c31a2e4ce42aa7962aa3b66d82aaa44a29aff5483d1c5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2fc72279f411184ab732066b30559cb0N.exe
Size

289KB
Sample

240904-yv2r2awgnc
MD5

2fc72279f411184ab732066b30559cb0
SHA1

10a3031789fd619c13b4c83c5684b1c678d3f088
SHA256

9452555e763622934b4c31a2e4ce42aa7962aa3b66d82aaa44a29aff5483d1c5
SHA512

6cbaeed35d1ee148c1b119dbd215fd2106f0250a109341aa7710efe7bdcdb1de4039ab42e9cc95c8a57b0a2db4ac8eda3e5d35505de3f0d37fdf6e729ac565d4
SSDEEP

6144:RqKvb0CYJ973e+eKZOf7fWqKvb0CYfqKvb0CYJ973e+eKZOf7fWqKvb0CYo:vvbxYX7Z1vbxYxvbxYX7Z1vbxYo

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  2fc72279f411184ab732066b30559cb0N.exe
- Size
  
  289KB
- MD5
  
  2fc72279f411184ab732066b30559cb0
- SHA1
  
  10a3031789fd619c13b4c83c5684b1c678d3f088
- SHA256
  
  9452555e763622934b4c31a2e4ce42aa7962aa3b66d82aaa44a29aff5483d1c5
- SHA512
  
  6cbaeed35d1ee148c1b119dbd215fd2106f0250a109341aa7710efe7bdcdb1de4039ab42e9cc95c8a57b0a2db4ac8eda3e5d35505de3f0d37fdf6e729ac565d4
- SSDEEP
  
  6144:RqKvb0CYJ973e+eKZOf7fWqKvb0CYfqKvb0CYJ973e+eKZOf7fWqKvb0CYo:vvbxYX7Z1vbxYxvbxYX7Z1vbxYo
Score

9^/10

discovery ransomware
- Renames multiple (3870) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware