d38030480115f816d241d6be52b3a9d9104722c55343d7a43122a91af28321fe | Triage

Sharing

General

Target

Trojan.Danger.ATA_virussign.com_d47868e4504ac8941064cf4885be9403.exe
Size

39KB
Sample

240907-p1fmbawfqf
MD5

d47868e4504ac8941064cf4885be9403
SHA1

1281041842130c15a059770c92ac781c778297a4
SHA256

d38030480115f816d241d6be52b3a9d9104722c55343d7a43122a91af28321fe
SHA512

155fa42079e3cc5728aa57e1618f12a7003a1d1ea17aa95f33c324b094378ba561f668936e9e8470d6c468aa822526eee46f762bfe14a3464035da20382aebe5
SSDEEP

768:W7BlphA7pARFbhM0Kkq81LOyq81LOl6Sl5lsS8:W7ZhA7pApM21LOA1LOl6vS8

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  Trojan.Danger.ATA_virussign.com_d47868e4504ac8941064cf4885be9403.exe
- Size
  
  39KB
- MD5
  
  d47868e4504ac8941064cf4885be9403
- SHA1
  
  1281041842130c15a059770c92ac781c778297a4
- SHA256
  
  d38030480115f816d241d6be52b3a9d9104722c55343d7a43122a91af28321fe
- SHA512
  
  155fa42079e3cc5728aa57e1618f12a7003a1d1ea17aa95f33c324b094378ba561f668936e9e8470d6c468aa822526eee46f762bfe14a3464035da20382aebe5
- SSDEEP
  
  768:W7BlphA7pARFbhM0Kkq81LOyq81LOl6Sl5lsS8:W7ZhA7pApM21LOA1LOl6vS8
Score

9^/10

discovery ransomware
- Renames multiple (3108) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware