93da04e47059a90bc3cf623b7b8a3dc503f19d9a7d8be73f56e8d7eb4bed1b66 | Triage

Sharing

General

Target

a9e8889654ddcf24587f0bd527f17670N.exe
Size

3.8MB
Sample

240909-ngs8mavejq
MD5

a9e8889654ddcf24587f0bd527f17670
SHA1

b512c9fe7c505d89c4060540c4662e637d62aff0
SHA256

93da04e47059a90bc3cf623b7b8a3dc503f19d9a7d8be73f56e8d7eb4bed1b66
SHA512

837065470df7e12b57832de24d57a5df69d2ea9ad0bf2d19a5ecf9adf89bc52c38740083348a74127e6e545afdc5966aecacb8a6e889d0c9b14a6f2311fbd87c
SSDEEP

98304:iFXvJ8PRw2Bwb05nwZBgNxbyAw4/HAqP:yvJ8Pa2BwgwZSxjxTP

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  a9e8889654ddcf24587f0bd527f17670N.exe
- Size
  
  3.8MB
- MD5
  
  a9e8889654ddcf24587f0bd527f17670
- SHA1
  
  b512c9fe7c505d89c4060540c4662e637d62aff0
- SHA256
  
  93da04e47059a90bc3cf623b7b8a3dc503f19d9a7d8be73f56e8d7eb4bed1b66
- SHA512
  
  837065470df7e12b57832de24d57a5df69d2ea9ad0bf2d19a5ecf9adf89bc52c38740083348a74127e6e545afdc5966aecacb8a6e889d0c9b14a6f2311fbd87c
- SSDEEP
  
  98304:iFXvJ8PRw2Bwb05nwZBgNxbyAw4/HAqP:yvJ8Pa2BwgwZSxjxTP
Score

9^/10

discovery ransomware
- Renames multiple (210) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware