487b89d7af4e29ea8194ca07b3faba37112eab5470b57b4f47025a21a112b94a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

487b89d7af4e29ea8194ca07b3faba37112eab5470b57b4f47025a21a112b94a
Size

77KB
Sample

240911-zx779sshkp
MD5

081a7f68e03924414fcc342afa2c8366
SHA1

effddc4854d58a03ad31c1ad2f035befb50d2d18
SHA256

487b89d7af4e29ea8194ca07b3faba37112eab5470b57b4f47025a21a112b94a
SHA512

d131db4e73152e48152d86a8344db26f2c6fa72aa0527fa241ead858c1bd7ebb62896da90f954f1c53c5e35246242031716a0bbc05ac3be06cc46719b2d5e59a
SSDEEP

768:W7BlphA7pARFbhvOsTKnKqtb4HBZjlwGpCYnigugqOzM9bdifwMtxEwJjlVk0:W7ZhA7pApvOsOKM4HBhaGwOQ54xEIjlv

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  487b89d7af4e29ea8194ca07b3faba37112eab5470b57b4f47025a21a112b94a
- Size
  
  77KB
- MD5
  
  081a7f68e03924414fcc342afa2c8366
- SHA1
  
  effddc4854d58a03ad31c1ad2f035befb50d2d18
- SHA256
  
  487b89d7af4e29ea8194ca07b3faba37112eab5470b57b4f47025a21a112b94a
- SHA512
  
  d131db4e73152e48152d86a8344db26f2c6fa72aa0527fa241ead858c1bd7ebb62896da90f954f1c53c5e35246242031716a0bbc05ac3be06cc46719b2d5e59a
- SSDEEP
  
  768:W7BlphA7pARFbhvOsTKnKqtb4HBZjlwGpCYnigugqOzM9bdifwMtxEwJjlVk0:W7ZhA7pApvOsOKM4HBhaGwOQ54xEIjlv
Score

9^/10

discovery ransomware
- Renames multiple (3460) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware