131df134cc321d473dec21b9269e881e768c66459fc369ee3d249d6a9b9c2409 | Triage

Sharing

General

Target

131df134cc321d473dec21b9269e881e768c66459fc369ee3d249d6a9b9c2409N.exe
Size

60KB
Sample

240925-ybgyhsteql
MD5

9bab05d24cba868f899c3e60dbf5f280
SHA1

ba6f9cd66cf94f3c018643311b80b1c78f7b7b13
SHA256

131df134cc321d473dec21b9269e881e768c66459fc369ee3d249d6a9b9c2409
SHA512

1cf768d69a7b89adcec7a03e651e047c8bf1c029ee48e48bc09d5bd5e09db2143afdac6b589a6fdff681c074f64eb8fd454ec102900d37b1d13c51f04bd01ed0
SSDEEP

768:W7BlpppARFbhHFoqAJwBqAJwRJofJoTHKX/8KX/s:W7ZppApaJofJo7KX/8KX/s

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  131df134cc321d473dec21b9269e881e768c66459fc369ee3d249d6a9b9c2409N.exe
- Size
  
  60KB
- MD5
  
  9bab05d24cba868f899c3e60dbf5f280
- SHA1
  
  ba6f9cd66cf94f3c018643311b80b1c78f7b7b13
- SHA256
  
  131df134cc321d473dec21b9269e881e768c66459fc369ee3d249d6a9b9c2409
- SHA512
  
  1cf768d69a7b89adcec7a03e651e047c8bf1c029ee48e48bc09d5bd5e09db2143afdac6b589a6fdff681c074f64eb8fd454ec102900d37b1d13c51f04bd01ed0
- SSDEEP
  
  768:W7BlpppARFbhHFoqAJwBqAJwRJofJoTHKX/8KX/s:W7ZppApaJofJo7KX/8KX/s
Score

9^/10

discovery ransomware
- Renames multiple (2879) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware