ca7f1cee53aa283b12b28d6075289e75f5d5422ae679e26ab3402f9a425a9822 | Triage

Sharing

General

Target

ca7f1cee53aa283b12b28d6075289e75f5d5422ae679e26ab3402f9a425a9822N
Size

72KB
Sample

240927-evxcrsvcnr
MD5

915b29fdce02678bca652c41aa2b9bd0
SHA1

cc20b798eb2a05930c0742e632c7f2a39ff343f4
SHA256

ca7f1cee53aa283b12b28d6075289e75f5d5422ae679e26ab3402f9a425a9822
SHA512

756aefe6c2a89c46ff10a3634c8ae42ea90fd8b1970b434c5637397b8d7b713a1b97db446bff1a25a4264f87f9032bb38bfc7615d89497a45b12bfdfbba3157e
SSDEEP

768:W7BlpDpARFbhcS37S3eU7BlpDpARFbhcS37S3e8:W7ZDpApe7ZDpApm

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  ca7f1cee53aa283b12b28d6075289e75f5d5422ae679e26ab3402f9a425a9822N
- Size
  
  72KB
- MD5
  
  915b29fdce02678bca652c41aa2b9bd0
- SHA1
  
  cc20b798eb2a05930c0742e632c7f2a39ff343f4
- SHA256
  
  ca7f1cee53aa283b12b28d6075289e75f5d5422ae679e26ab3402f9a425a9822
- SHA512
  
  756aefe6c2a89c46ff10a3634c8ae42ea90fd8b1970b434c5637397b8d7b713a1b97db446bff1a25a4264f87f9032bb38bfc7615d89497a45b12bfdfbba3157e
- SSDEEP
  
  768:W7BlpDpARFbhcS37S3eU7BlpDpARFbhcS37S3e8:W7ZDpApe7ZDpApm
Score

9^/10

discovery ransomware
- Renames multiple (4278) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware