ebf09e3ed108a110c2e76e7c4651a99a17e5664b960b97f78a6ff17c64bd3683 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ebf09e3ed108a110c2e76e7c4651a99a17e5664b960b97f78a6ff17c64bd3683N.exe
Size

33KB
Sample

240925-lqk79syckl
MD5

8a31a86065359e4a3fe87e0fb95b2370
SHA1

23e371ed35028d446b7cacb3401a4ab7516b7725
SHA256

ebf09e3ed108a110c2e76e7c4651a99a17e5664b960b97f78a6ff17c64bd3683
SHA512

cad9cfc6ddc17568b50ce6c27584b68bfac3e8e68eac80c526cbd39ead6854b0ad928666ee852b9a90620be6a416edaf8dda8497e9ac060d42d4f8bbfc9b2c74
SSDEEP

384:GBt7Br5xjL9AgA71Fbhv7bhv3KueKudLl++K8e1:W7BlpppARFbhjbhPKueKudLw1j

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  ebf09e3ed108a110c2e76e7c4651a99a17e5664b960b97f78a6ff17c64bd3683N.exe
- Size
  
  33KB
- MD5
  
  8a31a86065359e4a3fe87e0fb95b2370
- SHA1
  
  23e371ed35028d446b7cacb3401a4ab7516b7725
- SHA256
  
  ebf09e3ed108a110c2e76e7c4651a99a17e5664b960b97f78a6ff17c64bd3683
- SHA512
  
  cad9cfc6ddc17568b50ce6c27584b68bfac3e8e68eac80c526cbd39ead6854b0ad928666ee852b9a90620be6a416edaf8dda8497e9ac060d42d4f8bbfc9b2c74
- SSDEEP
  
  384:GBt7Br5xjL9AgA71Fbhv7bhv3KueKudLl++K8e1:W7BlpppARFbhjbhPKueKudLw1j
Score

9^/10

discovery ransomware
- Renames multiple (3208) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware