06e5bfd7a192a97df52ef0e24cf51f5df01da4c1d1bb385c7f5f4638d953d444 | Triage

Sharing

General

Target

06e5bfd7a192a97df52ef0e24cf51f5df01da4c1d1bb385c7f5f4638d953d444.exe
Size

63KB
Sample

240908-bhbczswakp
MD5

c13db6465d884e4c842a3efd45898f21
SHA1

aeade95c05124b6bbe618f0987f23bc215843335
SHA256

06e5bfd7a192a97df52ef0e24cf51f5df01da4c1d1bb385c7f5f4638d953d444
SHA512

e5cfb485de51e7c5ac23713cbc2af1fa1b1585fb6b99b04e8758e77a02c5bb9e3e6e11c7c6c193a88a212e800bedf79f71ff87e6486e546c178e401accd69b2a
SSDEEP

1536:W7ZrpApojswv0EhLfyBtPf50FWkFpPDze/qFsxEhLfyBtPf50FWkFpPDze/qFsF9:6rWpcsHEhLfyBtPf50FWkFpPDze/qFs9

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  06e5bfd7a192a97df52ef0e24cf51f5df01da4c1d1bb385c7f5f4638d953d444.exe
- Size
  
  63KB
- MD5
  
  c13db6465d884e4c842a3efd45898f21
- SHA1
  
  aeade95c05124b6bbe618f0987f23bc215843335
- SHA256
  
  06e5bfd7a192a97df52ef0e24cf51f5df01da4c1d1bb385c7f5f4638d953d444
- SHA512
  
  e5cfb485de51e7c5ac23713cbc2af1fa1b1585fb6b99b04e8758e77a02c5bb9e3e6e11c7c6c193a88a212e800bedf79f71ff87e6486e546c178e401accd69b2a
- SSDEEP
  
  1536:W7ZrpApojswv0EhLfyBtPf50FWkFpPDze/qFsxEhLfyBtPf50FWkFpPDze/qFsF9:6rWpcsHEhLfyBtPf50FWkFpPDze/qFs9
Score

9^/10

discovery ransomware
- Renames multiple (3695) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware