5201dc7a82b2f17268b50887161a59d4e7af159f24248141473ba1b2f866bd49 | Triage

Sharing

General

Target

5201dc7a82b2f17268b50887161a59d4e7af159f24248141473ba1b2f866bd49N.exe
Size

40KB
Sample

240925-ek7qraxcpa
MD5

fb39c212c64083d4dc8a65cb2d8fc050
SHA1

36ffb71d0be7eafeabbbe2325c9e517420385b3e
SHA256

5201dc7a82b2f17268b50887161a59d4e7af159f24248141473ba1b2f866bd49
SHA512

6be595b3a7e0ae8b996649686bc50750ab15e2bea5cda0bfa5a9418009703052c9e0109de0344f5b97c136c4e7d76942029c3e429b90fa0a5ce0c5c90706f8cc
SSDEEP

384:GBt7Br5xjLdbAAgA71FbhvU8g0U0fLMzyKbNzzyKbNWkq3DLXakq3DLXa:W7Blp+pARFbhBgnKLMWK9WKD2N2a

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  5201dc7a82b2f17268b50887161a59d4e7af159f24248141473ba1b2f866bd49N.exe
- Size
  
  40KB
- MD5
  
  fb39c212c64083d4dc8a65cb2d8fc050
- SHA1
  
  36ffb71d0be7eafeabbbe2325c9e517420385b3e
- SHA256
  
  5201dc7a82b2f17268b50887161a59d4e7af159f24248141473ba1b2f866bd49
- SHA512
  
  6be595b3a7e0ae8b996649686bc50750ab15e2bea5cda0bfa5a9418009703052c9e0109de0344f5b97c136c4e7d76942029c3e429b90fa0a5ce0c5c90706f8cc
- SSDEEP
  
  384:GBt7Br5xjLdbAAgA71FbhvU8g0U0fLMzyKbNzzyKbNWkq3DLXakq3DLXa:W7Blp+pARFbhBgnKLMWK9WKD2N2a
Score

9^/10

discovery ransomware
- Renames multiple (339) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware