6486ce00279c21a21511cec48ecd3da96f794cccf31a46f739dc29696ffe8dc5 | Triage

Sharing

General

Target

6486ce00279c21a21511cec48ecd3da96f794cccf31a46f739dc29696ffe8dc5N
Size

49KB
Sample

240918-kwm4datajm
MD5

f5906834e9a7af5a734958a458f06670
SHA1

fed5c870fb6b4088ca575e208505e0606c77cf0d
SHA256

6486ce00279c21a21511cec48ecd3da96f794cccf31a46f739dc29696ffe8dc5
SHA512

cf0b6a2dbf671fb4382d8bd4cc895f859143a914bd2c97063a1a1f43645900dd5c24e649a9d3ea4e6bd0173b41d2bf697378197a0744f5cbdff0ce2189647ee1
SSDEEP

768:W7BlphA7dASbSjJJcbQbf1Oti1JGBQOOiQJhATBWvyBh85c5h:W7ZhA7dABJJZENTBWv36j

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  6486ce00279c21a21511cec48ecd3da96f794cccf31a46f739dc29696ffe8dc5N
- Size
  
  49KB
- MD5
  
  f5906834e9a7af5a734958a458f06670
- SHA1
  
  fed5c870fb6b4088ca575e208505e0606c77cf0d
- SHA256
  
  6486ce00279c21a21511cec48ecd3da96f794cccf31a46f739dc29696ffe8dc5
- SHA512
  
  cf0b6a2dbf671fb4382d8bd4cc895f859143a914bd2c97063a1a1f43645900dd5c24e649a9d3ea4e6bd0173b41d2bf697378197a0744f5cbdff0ce2189647ee1
- SSDEEP
  
  768:W7BlphA7dASbSjJJcbQbf1Oti1JGBQOOiQJhATBWvyBh85c5h:W7ZhA7dABJJZENTBWv36j
Score

9^/10

discovery ransomware
- Renames multiple (286) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware