b65ec0d09d8077088770f6a2eaf7c6c717a714110243b06637d811a883eeddad | Triage

Sharing

General

Target

b65ec0d09d8077088770f6a2eaf7c6c717a714110243b06637d811a883eeddadN
Size

103KB
Sample

240918-x2caaaydqh
MD5

378b6292b4b653060ed6371605ba6190
SHA1

2ed9edddc19aa967cc2967049af6dab6a6743e61
SHA256

b65ec0d09d8077088770f6a2eaf7c6c717a714110243b06637d811a883eeddad
SHA512

657bee860cc1865349476e3ee9726bc00bfb79c1394772ad8e63d613838e7d021a1c127bc02e0dd8674eabbdfeda3f88510f20c30854f96f8a3ad3079409021b
SSDEEP

1536:W7ZppApyVyjVyi7pJ/hJ/q7ZppApyVyjVyi7pJ/hJ/+:6pWpGpWpW

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  b65ec0d09d8077088770f6a2eaf7c6c717a714110243b06637d811a883eeddadN
- Size
  
  103KB
- MD5
  
  378b6292b4b653060ed6371605ba6190
- SHA1
  
  2ed9edddc19aa967cc2967049af6dab6a6743e61
- SHA256
  
  b65ec0d09d8077088770f6a2eaf7c6c717a714110243b06637d811a883eeddad
- SHA512
  
  657bee860cc1865349476e3ee9726bc00bfb79c1394772ad8e63d613838e7d021a1c127bc02e0dd8674eabbdfeda3f88510f20c30854f96f8a3ad3079409021b
- SSDEEP
  
  1536:W7ZppApyVyjVyi7pJ/hJ/q7ZppApyVyjVyi7pJ/hJ/+:6pWpGpWpW
Score

9^/10

discovery ransomware
- Renames multiple (4744) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware