868aa142774771965f8744f8f0d886790fc8f530b49c8ba2202a0e085ff88326 | Triage

Sharing

General

Target

eb92c23fd0130951e99332ba5ed5fa00N.exe
Size

165KB
Sample

240905-11gp6a1djm
MD5

eb92c23fd0130951e99332ba5ed5fa00
SHA1

ba113592b951f7a86c5f714b6334b76c96ecfdd7
SHA256

868aa142774771965f8744f8f0d886790fc8f530b49c8ba2202a0e085ff88326
SHA512

a9f06f09e1f48ca0021136f85966fbc8cc810a6c61f34480b05d60cafdd9055ac5f6399023196c685fec860e188fce477784f0def7074a11af12423381e5367f
SSDEEP

1536:W7ZhA7pApXTdsdYSD7ZhA7pApXTdsdYSL:6e7WpXBShe7WpXBSL

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  eb92c23fd0130951e99332ba5ed5fa00N.exe
- Size
  
  165KB
- MD5
  
  eb92c23fd0130951e99332ba5ed5fa00
- SHA1
  
  ba113592b951f7a86c5f714b6334b76c96ecfdd7
- SHA256
  
  868aa142774771965f8744f8f0d886790fc8f530b49c8ba2202a0e085ff88326
- SHA512
  
  a9f06f09e1f48ca0021136f85966fbc8cc810a6c61f34480b05d60cafdd9055ac5f6399023196c685fec860e188fce477784f0def7074a11af12423381e5367f
- SSDEEP
  
  1536:W7ZhA7pApXTdsdYSD7ZhA7pApXTdsdYSL:6e7WpXBShe7WpXBSL
Score

9^/10

discovery ransomware
- Renames multiple (349) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware