75dc14b9c529066a6e6b94b4c3db9e92a69efcfe9fe9bd77e02ee8ec20d41bb2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

75dc14b9c529066a6e6b94b4c3db9e92a69efcfe9fe9bd77e02ee8ec20d41bb2
Size

106KB
Sample

240911-2r5lasxdnp
MD5

1b563f3d60ae766d3699c73f0c0f6793
SHA1

75383f675eefb29358d9ff47581c681b31c3e1ee
SHA256

75dc14b9c529066a6e6b94b4c3db9e92a69efcfe9fe9bd77e02ee8ec20d41bb2
SHA512

5ff23389fed6d484ba46a7c6dfecc08787482eac9f00bc8f565fc30cf32584f1f04cbdc00fd0c239c26a55c392f49b6eaae0e6e44ff6cc6a03b965c4a97a4ce5
SSDEEP

1536:W7Z2sspAp5YSfffcS07Z2sspAp5YSfffcSIwT2H6uZwT2H6uS:62ssWp+2ssWpN

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  75dc14b9c529066a6e6b94b4c3db9e92a69efcfe9fe9bd77e02ee8ec20d41bb2
- Size
  
  106KB
- MD5
  
  1b563f3d60ae766d3699c73f0c0f6793
- SHA1
  
  75383f675eefb29358d9ff47581c681b31c3e1ee
- SHA256
  
  75dc14b9c529066a6e6b94b4c3db9e92a69efcfe9fe9bd77e02ee8ec20d41bb2
- SHA512
  
  5ff23389fed6d484ba46a7c6dfecc08787482eac9f00bc8f565fc30cf32584f1f04cbdc00fd0c239c26a55c392f49b6eaae0e6e44ff6cc6a03b965c4a97a4ce5
- SSDEEP
  
  1536:W7Z2sspAp5YSfffcS07Z2sspAp5YSfffcSIwT2H6uZwT2H6uS:62ssWp+2ssWpN
Score

9^/10

discovery ransomware
- Renames multiple (4801) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware