dbd6a8cded4e1c377770f79a34a43f06a4c3a1e873297d841fb22b58ab967092 | Triage

Sharing

General

Target

Trojan.Danger.ATA_virussign.com_5095fd55dbb1d0e33307da678eef9670.exe
Size

49KB
Sample

240907-pz1abswclj
MD5

5095fd55dbb1d0e33307da678eef9670
SHA1

c786add4a0e645b37480d58f10542d63afe87d4b
SHA256

dbd6a8cded4e1c377770f79a34a43f06a4c3a1e873297d841fb22b58ab967092
SHA512

889e5d143a07cb11ed38237bbd0364157f3b6bb64a87d56fbd3f0c87552d57a7c804eecafbca1c7350a61d0cba1b17f0d80fd1b0d37d33c890f897f13ec1f0a1
SSDEEP

768:W7BlpppARFbhjbhg42LcfpR42LcfproFNFjqAJLOqAJLY2kPWG3PWGD:W7ZppApBULcfpHLcfpyDf2kPWG3PWGD

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  Trojan.Danger.ATA_virussign.com_5095fd55dbb1d0e33307da678eef9670.exe
- Size
  
  49KB
- MD5
  
  5095fd55dbb1d0e33307da678eef9670
- SHA1
  
  c786add4a0e645b37480d58f10542d63afe87d4b
- SHA256
  
  dbd6a8cded4e1c377770f79a34a43f06a4c3a1e873297d841fb22b58ab967092
- SHA512
  
  889e5d143a07cb11ed38237bbd0364157f3b6bb64a87d56fbd3f0c87552d57a7c804eecafbca1c7350a61d0cba1b17f0d80fd1b0d37d33c890f897f13ec1f0a1
- SSDEEP
  
  768:W7BlpppARFbhjbhg42LcfpR42LcfproFNFjqAJLOqAJLY2kPWG3PWGD:W7ZppApBULcfpHLcfpyDf2kPWG3PWGD
Score

9^/10

discovery ransomware
- Renames multiple (3140) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware