249225e2627709a7198ac526626b3744c0ff5791c5e6f3db3fd93afa1c12647d | Triage

Sharing

General

Target

249225e2627709a7198ac526626b3744c0ff5791c5e6f3db3fd93afa1c12647dN
Size

51KB
Sample

240919-egrkcszcqd
MD5

7c3ed8255af73beffca8fc3e87296e10
SHA1

86a1b5d56b1ce33d02dcbbbe35c29d1f7e80e2ea
SHA256

249225e2627709a7198ac526626b3744c0ff5791c5e6f3db3fd93afa1c12647d
SHA512

f93773fdc5907e08a9a598494e15fbfc43569e41142ce5614981dd7ee50042f5c544b2b0035a765de6a882c64d13e9a72e4bf747ad4d2dec92851a37bc70321e
SSDEEP

768:W7BlphA7pARFbhL801VvM801Vvv7co49OiIJrbOiIJfo49OiIJrbOiIJsPIvPI0:W7ZhA7pApw03vR03vog0gY40

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  249225e2627709a7198ac526626b3744c0ff5791c5e6f3db3fd93afa1c12647dN
- Size
  
  51KB
- MD5
  
  7c3ed8255af73beffca8fc3e87296e10
- SHA1
  
  86a1b5d56b1ce33d02dcbbbe35c29d1f7e80e2ea
- SHA256
  
  249225e2627709a7198ac526626b3744c0ff5791c5e6f3db3fd93afa1c12647d
- SHA512
  
  f93773fdc5907e08a9a598494e15fbfc43569e41142ce5614981dd7ee50042f5c544b2b0035a765de6a882c64d13e9a72e4bf747ad4d2dec92851a37bc70321e
- SSDEEP
  
  768:W7BlphA7pARFbhL801VvM801Vvv7co49OiIJrbOiIJfo49OiIJrbOiIJsPIvPI0:W7ZhA7pApw03vR03vog0gY40
Score

9^/10

discovery ransomware
- Renames multiple (3287) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware