b751a04b48db46ddc0508250e5831c895c819db3064b9cae2c9739bbfb36f8eb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b751a04b48db46ddc0508250e5831c895c819db3064b9cae2c9739bbfb36f8ebN
Size

94KB
Sample

241004-zkl49svglk
MD5

7484058e6c7fa9a509dc3935b60b3f10
SHA1

9882e3b54e6c5cbdde0fd1009a84cc9da4aa66f5
SHA256

b751a04b48db46ddc0508250e5831c895c819db3064b9cae2c9739bbfb36f8eb
SHA512

756f58791ad2e467b03ed15ebeb1de6950da15cc66780515ddac71b7f78d0df0bb01359512d5bbfa08f9057050af6d3517bfb164ae5c1bf3effe94171c4f3615
SSDEEP

1536:/7ZQpAplJwsJwdBc67ZQpAplJwsJwdBcB:9QWpOBc+QWpOBcB

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  b751a04b48db46ddc0508250e5831c895c819db3064b9cae2c9739bbfb36f8ebN
- Size
  
  94KB
- MD5
  
  7484058e6c7fa9a509dc3935b60b3f10
- SHA1
  
  9882e3b54e6c5cbdde0fd1009a84cc9da4aa66f5
- SHA256
  
  b751a04b48db46ddc0508250e5831c895c819db3064b9cae2c9739bbfb36f8eb
- SHA512
  
  756f58791ad2e467b03ed15ebeb1de6950da15cc66780515ddac71b7f78d0df0bb01359512d5bbfa08f9057050af6d3517bfb164ae5c1bf3effe94171c4f3615
- SSDEEP
  
  1536:/7ZQpAplJwsJwdBc67ZQpAplJwsJwdBcB:9QWpOBc+QWpOBcB
Score

9^/10

discovery ransomware
- Renames multiple (3890) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware