d6cf90fee8ea7164f68a4c7ac2f2e4f7729fdc2fb19627cea65b5474eb223ed3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f686b59f7f8d5481b2bbdca6e66c2760N.exe
Size

41KB
Sample

240906-bv22gazajb
MD5

f686b59f7f8d5481b2bbdca6e66c2760
SHA1

8bfb62b08e1a49a15914beb37c7d59b69f846e9f
SHA256

d6cf90fee8ea7164f68a4c7ac2f2e4f7729fdc2fb19627cea65b5474eb223ed3
SHA512

42904188d97df23a15399e453ddccddbcb5fc33fe8dba78a37ecb5981fa9fa5a21be1d62f9c4410e49f4b9914e92a492a8046242ec3e4c267b5ff56b96cd545c
SSDEEP

384:GBt7Br5xjL9AgA71Fbhv7bhvo42L5FgAytBpR42L5FgAytBpW/H:W7BlpppARFbhjbhg42LcfpR42LcfpW/H

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  f686b59f7f8d5481b2bbdca6e66c2760N.exe
- Size
  
  41KB
- MD5
  
  f686b59f7f8d5481b2bbdca6e66c2760
- SHA1
  
  8bfb62b08e1a49a15914beb37c7d59b69f846e9f
- SHA256
  
  d6cf90fee8ea7164f68a4c7ac2f2e4f7729fdc2fb19627cea65b5474eb223ed3
- SHA512
  
  42904188d97df23a15399e453ddccddbcb5fc33fe8dba78a37ecb5981fa9fa5a21be1d62f9c4410e49f4b9914e92a492a8046242ec3e4c267b5ff56b96cd545c
- SSDEEP
  
  384:GBt7Br5xjL9AgA71Fbhv7bhvo42L5FgAytBpR42L5FgAytBpW/H:W7BlpppARFbhjbhg42LcfpR42LcfpW/H
Score

9^/10

discovery ransomware
- Renames multiple (3250) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware