317ae2fb378814de3c4ba5ac32a3143de34dfdbca43a95cc77ddb41646a45c84 | Triage

Sharing

General

Target

317ae2fb378814de3c4ba5ac32a3143de34dfdbca43a95cc77ddb41646a45c84.exe
Size

51KB
Sample

240908-cayc8azgqb
MD5

6c9e8cbcbd9f9302f597fe0cc10a05e8
SHA1

bfe52a05dd8af0c74fa412b0170adc3b917a852d
SHA256

317ae2fb378814de3c4ba5ac32a3143de34dfdbca43a95cc77ddb41646a45c84
SHA512

6fd3836af2c3988583f3ccd69325ca03e737d764a86ad3c691397417235593219f124056ea12e7f70f3fc7498984553d934482463726e40474c2c0f2c5055887
SSDEEP

768:W7Blp2sspARFbh5YSfff9n1oXKCqzEIn1oXKCqzE1IwScIwSWF/MF/y:W7Z2sspAp5YSfffMrfr92a

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  317ae2fb378814de3c4ba5ac32a3143de34dfdbca43a95cc77ddb41646a45c84.exe
- Size
  
  51KB
- MD5
  
  6c9e8cbcbd9f9302f597fe0cc10a05e8
- SHA1
  
  bfe52a05dd8af0c74fa412b0170adc3b917a852d
- SHA256
  
  317ae2fb378814de3c4ba5ac32a3143de34dfdbca43a95cc77ddb41646a45c84
- SHA512
  
  6fd3836af2c3988583f3ccd69325ca03e737d764a86ad3c691397417235593219f124056ea12e7f70f3fc7498984553d934482463726e40474c2c0f2c5055887
- SSDEEP
  
  768:W7Blp2sspARFbh5YSfff9n1oXKCqzEIn1oXKCqzE1IwScIwSWF/MF/y:W7Z2sspAp5YSfffMrfr92a
Score

9^/10

discovery ransomware
- Renames multiple (3678) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware