04b48f03a6c37f1d9b54d32b0ad6b4dd3ad17679f6697dc99dd7829a63bbe4ef | Triage

Sharing

General

Target

aa34bf8b6cc919285db1222f8fdf8c20N.exe
Size

42KB
Sample

240912-lh1yra1cjk
MD5

aa34bf8b6cc919285db1222f8fdf8c20
SHA1

6017747b01c64a50b35040ed80445d50eaaa0116
SHA256

04b48f03a6c37f1d9b54d32b0ad6b4dd3ad17679f6697dc99dd7829a63bbe4ef
SHA512

5706bf0fd028b01be1fd2c8dc148a4622faff8e69d12d2c7ab05399a176d1d65c1db5e1d5c4b222e71facda019a9700fe5a91b40d11c7370b2d7a43d82b1ff91
SSDEEP

768:W7BlpppARFbhjbhg42LcfpR42LcfpW/t6m:W7ZppApBULcfpHLcfpq

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  aa34bf8b6cc919285db1222f8fdf8c20N.exe
- Size
  
  42KB
- MD5
  
  aa34bf8b6cc919285db1222f8fdf8c20
- SHA1
  
  6017747b01c64a50b35040ed80445d50eaaa0116
- SHA256
  
  04b48f03a6c37f1d9b54d32b0ad6b4dd3ad17679f6697dc99dd7829a63bbe4ef
- SHA512
  
  5706bf0fd028b01be1fd2c8dc148a4622faff8e69d12d2c7ab05399a176d1d65c1db5e1d5c4b222e71facda019a9700fe5a91b40d11c7370b2d7a43d82b1ff91
- SSDEEP
  
  768:W7BlpppARFbhjbhg42LcfpR42LcfpW/t6m:W7ZppApBULcfpHLcfpq
Score

9^/10

discovery ransomware
- Renames multiple (3296) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware