4c9cd287efaa889b9755a4ca0a49a1053e06632ba490d5c51e63a7d16588d1aa | Triage

Sharing

General

Target

4c9cd287efaa889b9755a4ca0a49a1053e06632ba490d5c51e63a7d16588d1aa
Size

123KB
Sample

240929-mbtfrstanf
MD5

8cffde4cc7de37ad7cd235af2d056ed0
SHA1

1fcc8b29cd1768a5679e92818b76957f9bed7df3
SHA256

4c9cd287efaa889b9755a4ca0a49a1053e06632ba490d5c51e63a7d16588d1aa
SHA512

5cd7568aa17f15cb276e85693f5640252ca7058f68705e7bcadf87662fb7623f0703d2f1b2e44886b17a997e6f3321d9265c3f3b7b852cf4311d4a4767dd48f6
SSDEEP

1536:W7ZhA7dAynMdyGdy4AnAs7ZhA7dAynMdyGdy4AnAG0k:6e76ynpAse76ynpA2

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  4c9cd287efaa889b9755a4ca0a49a1053e06632ba490d5c51e63a7d16588d1aa
- Size
  
  123KB
- MD5
  
  8cffde4cc7de37ad7cd235af2d056ed0
- SHA1
  
  1fcc8b29cd1768a5679e92818b76957f9bed7df3
- SHA256
  
  4c9cd287efaa889b9755a4ca0a49a1053e06632ba490d5c51e63a7d16588d1aa
- SHA512
  
  5cd7568aa17f15cb276e85693f5640252ca7058f68705e7bcadf87662fb7623f0703d2f1b2e44886b17a997e6f3321d9265c3f3b7b852cf4311d4a4767dd48f6
- SSDEEP
  
  1536:W7ZhA7dAynMdyGdy4AnAs7ZhA7dAynMdyGdy4AnAG0k:6e76ynpAse76ynpA2
Score

9^/10

discovery ransomware
- Renames multiple (4041) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware