96db8602e11389063d80f610ece4cf82d640ad8103eff2592ce302a7fbc4bc7d | Triage

Sharing

General

Target

96db8602e11389063d80f610ece4cf82d640ad8103eff2592ce302a7fbc4bc7dN
Size

132KB
Sample

241003-t7l5wsyfrh
MD5

235923dd2954cb60c5ea43515781f7d0
SHA1

0b03354e5b49719e641550b39a24e765753b4934
SHA256

96db8602e11389063d80f610ece4cf82d640ad8103eff2592ce302a7fbc4bc7d
SHA512

6a41899997e592c54e79225b70207f5f314084654ea352285210d77697a46cff829e14b3f839530b925bd05a655fe93b798c11ca0eafdc5eeeb321364c103563
SSDEEP

1536:/7ZQpApHou595QUhUQ7ZQpApHou595QUhUN:9QWp/595HuQQWp/595HuN

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  96db8602e11389063d80f610ece4cf82d640ad8103eff2592ce302a7fbc4bc7dN
- Size
  
  132KB
- MD5
  
  235923dd2954cb60c5ea43515781f7d0
- SHA1
  
  0b03354e5b49719e641550b39a24e765753b4934
- SHA256
  
  96db8602e11389063d80f610ece4cf82d640ad8103eff2592ce302a7fbc4bc7d
- SHA512
  
  6a41899997e592c54e79225b70207f5f314084654ea352285210d77697a46cff829e14b3f839530b925bd05a655fe93b798c11ca0eafdc5eeeb321364c103563
- SSDEEP
  
  1536:/7ZQpApHou595QUhUQ7ZQpApHou595QUhUN:9QWp/595HuQQWp/595HuN
Score

9^/10

discovery ransomware
- Renames multiple (3941) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware