b54fcb891dbd0b190069aa93940b6294e20fdff47fa2ddeea926962d4726cd2f | Triage

Sharing

General

Target

b54fcb891dbd0b190069aa93940b6294e20fdff47fa2ddeea926962d4726cd2fN
Size

117KB
Sample

240921-gyyfcaydjr
MD5

76461e12cf2e4dfb9d7d783c50d70280
SHA1

ce989b500021524a25caa77b5ff4d1dd1070d3e5
SHA256

b54fcb891dbd0b190069aa93940b6294e20fdff47fa2ddeea926962d4726cd2f
SHA512

2cfec15c6ff7bdf4b2a6fde571c9e63be33891b68bc2b03e8c82cfaeb1032d477b6fd81769e6c740d04ad8443098d41f4de76f0ee257c4287b5a003fa55a2daa
SSDEEP

3072:6e7WpwYRYUtdtSsBc7e7WpwYRYUtdtSsBcB:Rq7agc6q7agcB

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  b54fcb891dbd0b190069aa93940b6294e20fdff47fa2ddeea926962d4726cd2fN
- Size
  
  117KB
- MD5
  
  76461e12cf2e4dfb9d7d783c50d70280
- SHA1
  
  ce989b500021524a25caa77b5ff4d1dd1070d3e5
- SHA256
  
  b54fcb891dbd0b190069aa93940b6294e20fdff47fa2ddeea926962d4726cd2f
- SHA512
  
  2cfec15c6ff7bdf4b2a6fde571c9e63be33891b68bc2b03e8c82cfaeb1032d477b6fd81769e6c740d04ad8443098d41f4de76f0ee257c4287b5a003fa55a2daa
- SSDEEP
  
  3072:6e7WpwYRYUtdtSsBc7e7WpwYRYUtdtSsBcB:Rq7agc6q7agcB
Score

9^/10

discovery ransomware
- Renames multiple (4676) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware