b420cfae1e71b60265c4aa4af39c32f75c4d0e19a8c680941686edf2ece8ebb5 | Triage

Sharing

General

Target

c9f81d604f3020f0445936a103fb4e90N.exe
Size

102KB
Sample

240915-dzqv4stdkl
MD5

c9f81d604f3020f0445936a103fb4e90
SHA1

86c42aae37b714d7dc21c887d6ac1bd3db971339
SHA256

b420cfae1e71b60265c4aa4af39c32f75c4d0e19a8c680941686edf2ece8ebb5
SHA512

0ab5efb20080f282b5feefc6ec413b063a5090abe73b1de1a88d2917f724524989c66eadaa58e1ca1dd6d3b547cab363281d29cfbfccd37643fc277fa11a84fb
SSDEEP

1536:W7ZppApktshJYAJYDVXxXIYcUYcE7ZppApktshJYAJYDVXxXIYcUYc+:6pWpktsUVXxXgpWpktsUVXxXK

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  c9f81d604f3020f0445936a103fb4e90N.exe
- Size
  
  102KB
- MD5
  
  c9f81d604f3020f0445936a103fb4e90
- SHA1
  
  86c42aae37b714d7dc21c887d6ac1bd3db971339
- SHA256
  
  b420cfae1e71b60265c4aa4af39c32f75c4d0e19a8c680941686edf2ece8ebb5
- SHA512
  
  0ab5efb20080f282b5feefc6ec413b063a5090abe73b1de1a88d2917f724524989c66eadaa58e1ca1dd6d3b547cab363281d29cfbfccd37643fc277fa11a84fb
- SSDEEP
  
  1536:W7ZppApktshJYAJYDVXxXIYcUYcE7ZppApktshJYAJYDVXxXIYcUYc+:6pWpktsUVXxXgpWpktsUVXxXK
Score

9^/10

discovery ransomware
- Renames multiple (4282) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware