37b9a0a649742242f117f6bfc7fb18e5f69a981051cb27d23a29b91c308ee088 | Triage

Sharing

General

Target

37b9a0a649742242f117f6bfc7fb18e5f69a981051cb27d23a29b91c308ee088N
Size

108KB
Sample

240919-dvvy9sydkn
MD5

f653088c54d9489342b21109f38cb210
SHA1

8577a1dc7f45aabc6c91f7f9f0931b0425aa453c
SHA256

37b9a0a649742242f117f6bfc7fb18e5f69a981051cb27d23a29b91c308ee088
SHA512

2c4456f0f9492ad955534a96022c067d29d306180b8909973fd498ec7864413bf7e38f1643799d10d352038e2f3979f174f20f7d46cea14fdfe4e3eed838ca55
SSDEEP

3072:9QWp18888888888888888888888888888888888888888888888888888888888e:LTeFKTe7

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  37b9a0a649742242f117f6bfc7fb18e5f69a981051cb27d23a29b91c308ee088N
- Size
  
  108KB
- MD5
  
  f653088c54d9489342b21109f38cb210
- SHA1
  
  8577a1dc7f45aabc6c91f7f9f0931b0425aa453c
- SHA256
  
  37b9a0a649742242f117f6bfc7fb18e5f69a981051cb27d23a29b91c308ee088
- SHA512
  
  2c4456f0f9492ad955534a96022c067d29d306180b8909973fd498ec7864413bf7e38f1643799d10d352038e2f3979f174f20f7d46cea14fdfe4e3eed838ca55
- SSDEEP
  
  3072:9QWp18888888888888888888888888888888888888888888888888888888888e:LTeFKTe7
Score

9^/10

discovery ransomware
- Renames multiple (4239) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware