cf7155839427189fd028677e319191eacfd161c568c96262097815c9ddf2634b | Triage

Sharing

General

Target

cf7155839427189fd028677e319191eacfd161c568c96262097815c9ddf2634bN
Size

39KB
Sample

240919-hjvlkswalh
MD5

98246f1cbf78ad3dfbf87f632dfdc140
SHA1

5b8780ab47bbbd58796fafba2d18d5a0a63cf822
SHA256

cf7155839427189fd028677e319191eacfd161c568c96262097815c9ddf2634b
SHA512

fc0e9c3ca65bfdd2998cf5953d0881f5eca41f294f3416db512e0c83a398cc54cbae9684fd47d26fc551133bcc885986ebdefb6649a36789f793e38d9fd37ced
SSDEEP

768:W7BlpppARFbhjbhg42LcfpR42Lcfpdj+/:W7ZppApBULcfpHLcfpQ

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  cf7155839427189fd028677e319191eacfd161c568c96262097815c9ddf2634bN
- Size
  
  39KB
- MD5
  
  98246f1cbf78ad3dfbf87f632dfdc140
- SHA1
  
  5b8780ab47bbbd58796fafba2d18d5a0a63cf822
- SHA256
  
  cf7155839427189fd028677e319191eacfd161c568c96262097815c9ddf2634b
- SHA512
  
  fc0e9c3ca65bfdd2998cf5953d0881f5eca41f294f3416db512e0c83a398cc54cbae9684fd47d26fc551133bcc885986ebdefb6649a36789f793e38d9fd37ced
- SSDEEP
  
  768:W7BlpppARFbhjbhg42LcfpR42Lcfpdj+/:W7ZppApBULcfpHLcfpQ
Score

9^/10

discovery ransomware
- Renames multiple (3185) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware