7cc74a4c4a2efcd0b165640d967b5d22be864dacf0942987c4e6606daa82afab | Triage

Sharing

General

Target

7cc74a4c4a2efcd0b165640d967b5d22be864dacf0942987c4e6606daa82afabN
Size

92KB
Sample

241004-et5bzsterq
MD5

2453cc27167fbc432dfdb51a48218990
SHA1

cc3ce4c4327f8a9431673caa2fb84c92099a7e7c
SHA256

7cc74a4c4a2efcd0b165640d967b5d22be864dacf0942987c4e6606daa82afab
SHA512

90279e79fc6c60a5464b63b1cf68baa5182daaf47533d88057dcd9db1d0a1fc14688eb6a960624cac92773b6c16d902cc3305cec79ec8825514306d83a23f55d
SSDEEP

768:/7BlpQpARFbhS101hk5c5iZGbu7BlpQpARFbhS101hk5c5iZVjH:/7ZQpAp26M7ZQpAp26mjH

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  7cc74a4c4a2efcd0b165640d967b5d22be864dacf0942987c4e6606daa82afabN
- Size
  
  92KB
- MD5
  
  2453cc27167fbc432dfdb51a48218990
- SHA1
  
  cc3ce4c4327f8a9431673caa2fb84c92099a7e7c
- SHA256
  
  7cc74a4c4a2efcd0b165640d967b5d22be864dacf0942987c4e6606daa82afab
- SHA512
  
  90279e79fc6c60a5464b63b1cf68baa5182daaf47533d88057dcd9db1d0a1fc14688eb6a960624cac92773b6c16d902cc3305cec79ec8825514306d83a23f55d
- SSDEEP
  
  768:/7BlpQpARFbhS101hk5c5iZGbu7BlpQpARFbhS101hk5c5iZVjH:/7ZQpAp26M7ZQpAp26mjH
Score

9^/10

discovery ransomware
- Renames multiple (4816) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware