be3cda963a8dfd039c33f56509aeeace09492ee667a10460e326ffac601c19a0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Trojan.Danger.ATA_virussign.com_f974e18eb06f6d578431976e68bead7b.exe
Size

97KB
Sample

240907-p1jc7swekq
MD5

f974e18eb06f6d578431976e68bead7b
SHA1

cad3967900316f8bcdfd65e620a7596f19827cc7
SHA256

be3cda963a8dfd039c33f56509aeeace09492ee667a10460e326ffac601c19a0
SHA512

1bc6a1667d7c824866712cb1b47ab2b253ee97b1f18b95165c33a3477e1cceb00de92f2c4d910abfbaf5188197e97abe1b290ff4882b5fdfcd59e0c97f0ec130
SSDEEP

3072:6pWpUFpEhLfyBtPf50FWkFpPDze/qFsxEhLfyBtPf50FWkFpPDze/qFslEhLfyBk:PqFF2Ie+eFP

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  Trojan.Danger.ATA_virussign.com_f974e18eb06f6d578431976e68bead7b.exe
- Size
  
  97KB
- MD5
  
  f974e18eb06f6d578431976e68bead7b
- SHA1
  
  cad3967900316f8bcdfd65e620a7596f19827cc7
- SHA256
  
  be3cda963a8dfd039c33f56509aeeace09492ee667a10460e326ffac601c19a0
- SHA512
  
  1bc6a1667d7c824866712cb1b47ab2b253ee97b1f18b95165c33a3477e1cceb00de92f2c4d910abfbaf5188197e97abe1b290ff4882b5fdfcd59e0c97f0ec130
- SSDEEP
  
  3072:6pWpUFpEhLfyBtPf50FWkFpPDze/qFsxEhLfyBtPf50FWkFpPDze/qFslEhLfyBk:PqFF2Ie+eFP
Score

9^/10

discovery ransomware
- Renames multiple (2331) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware