7ae103ef2fd76801d71d20eb287627ae3aeefda1bcd93dde8b28016431c5dd98 | Triage

Sharing

General

Target

7ae103ef2fd76801d71d20eb287627ae3aeefda1bcd93dde8b28016431c5dd98
Size

95KB
Sample

240911-2zq3wayapb
MD5

6a1b82e2519367ebb6dcd2047ba741dd
SHA1

90514c7205552e5a478b42dcae525645013eb728
SHA256

7ae103ef2fd76801d71d20eb287627ae3aeefda1bcd93dde8b28016431c5dd98
SHA512

1b1f00de3d198679e83e747b5415bf85474b40f37285363a8312ced1cd546a9c988e0093efcdea3172a4a5489c9a5629baf2f7ab3648edbd56eac92030432e47
SSDEEP

1536:W7ZhA7pApw03vR03v1SXfI7ZhA7pApw03vR03v1SXfaSc:6e7WpwYRY1SXfIe7WpwYRY1SXfA

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  7ae103ef2fd76801d71d20eb287627ae3aeefda1bcd93dde8b28016431c5dd98
- Size
  
  95KB
- MD5
  
  6a1b82e2519367ebb6dcd2047ba741dd
- SHA1
  
  90514c7205552e5a478b42dcae525645013eb728
- SHA256
  
  7ae103ef2fd76801d71d20eb287627ae3aeefda1bcd93dde8b28016431c5dd98
- SHA512
  
  1b1f00de3d198679e83e747b5415bf85474b40f37285363a8312ced1cd546a9c988e0093efcdea3172a4a5489c9a5629baf2f7ab3648edbd56eac92030432e47
- SSDEEP
  
  1536:W7ZhA7pApw03vR03v1SXfI7ZhA7pApw03vR03v1SXfaSc:6e7WpwYRY1SXfIe7WpwYRY1SXfA
Score

9^/10

discovery ransomware
- Renames multiple (4819) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware