648274553880069e1e1b55e57c2b8763ec4d4bb5428be778747af8ae1837c7cb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Trojan.Danger.ATA_virussign.com_4ada473504405ea42506376eb1477fb0.exe
Size

55KB
Sample

240907-pzznsswckl
MD5

4ada473504405ea42506376eb1477fb0
SHA1

f9ad0dc3658bdb2070fa5e5c482ac7c48402eede
SHA256

648274553880069e1e1b55e57c2b8763ec4d4bb5428be778747af8ae1837c7cb
SHA512

d2ac51f10258ae93e7e7be7d70ee203d8459961cc75939f254108e8a069ccdd2b89822c099e047fe300d850dc88bbd21d65d7d0fc1e303b6cbb3d90f786817c1
SSDEEP

1536:W7ZppApBULcfpHLcfpyD3tHtS+AtS+BKy:6pWpBwchcwD3tuKy

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  Trojan.Danger.ATA_virussign.com_4ada473504405ea42506376eb1477fb0.exe
- Size
  
  55KB
- MD5
  
  4ada473504405ea42506376eb1477fb0
- SHA1
  
  f9ad0dc3658bdb2070fa5e5c482ac7c48402eede
- SHA256
  
  648274553880069e1e1b55e57c2b8763ec4d4bb5428be778747af8ae1837c7cb
- SHA512
  
  d2ac51f10258ae93e7e7be7d70ee203d8459961cc75939f254108e8a069ccdd2b89822c099e047fe300d850dc88bbd21d65d7d0fc1e303b6cbb3d90f786817c1
- SSDEEP
  
  1536:W7ZppApBULcfpHLcfpyD3tHtS+AtS+BKy:6pWpBwchcwD3tuKy
Score

9^/10

discovery ransomware
- Renames multiple (283) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware