5016f4c57a34fb9264e92e226b54d992769a7375abe7db767194741d65a4f062 | Triage

Sharing

General

Target

5016f4c57a34fb9264e92e226b54d992769a7375abe7db767194741d65a4f062N
Size

89KB
Sample

240918-k56bbatdpl
MD5

9cf35d637f5e1da1e61082676adbb390
SHA1

6965f6c794ceeea75c445384d3abcfb8b9dc6bcd
SHA256

5016f4c57a34fb9264e92e226b54d992769a7375abe7db767194741d65a4f062
SHA512

b0e4eec6ac348b78930d5d195e4ac389a67751c2d1a1b32fd81ed8548405b1f79748a72ece9764f1400636c11c0da1b41a6f416c5a48554046b6d569d93d6b28
SSDEEP

1536:W7ZhA7pApH9QHwtRF9ESWu0SWujodsodaNovTW+SPL+cycWAF689ilL:6e7WpHIyRF9ESWu0SWujKsKRsP9fVL9C

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  5016f4c57a34fb9264e92e226b54d992769a7375abe7db767194741d65a4f062N
- Size
  
  89KB
- MD5
  
  9cf35d637f5e1da1e61082676adbb390
- SHA1
  
  6965f6c794ceeea75c445384d3abcfb8b9dc6bcd
- SHA256
  
  5016f4c57a34fb9264e92e226b54d992769a7375abe7db767194741d65a4f062
- SHA512
  
  b0e4eec6ac348b78930d5d195e4ac389a67751c2d1a1b32fd81ed8548405b1f79748a72ece9764f1400636c11c0da1b41a6f416c5a48554046b6d569d93d6b28
- SSDEEP
  
  1536:W7ZhA7pApH9QHwtRF9ESWu0SWujodsodaNovTW+SPL+cycWAF689ilL:6e7WpHIyRF9ESWu0SWujKsKRsP9fVL9C
Score

9^/10

discovery ransomware
- Renames multiple (3121) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware