a8130c5294643fdd9f21f5df40c8a1dbb267dd9b66af9ff5f28e644eaa1769b4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a8130c5294643fdd9f21f5df40c8a1dbb267dd9b66af9ff5f28e644eaa1769b4N
Size

92KB
Sample

241005-e6a9nswanq
MD5

4ecf9ccc47bfbcd35fb9e52d629e3590
SHA1

fa6a7484266ea7982dc57226cd51abdf6959a785
SHA256

a8130c5294643fdd9f21f5df40c8a1dbb267dd9b66af9ff5f28e644eaa1769b4
SHA512

8f172190f0b261f5986f5432c9f2eeee5c940d442cd14a4e4ed73f0797dc42ac4bbb2713091452af79b3d4a5dd9bb8c949092d29db3b7890fa1c852b01729f3c
SSDEEP

1536:W7ZppApUFpEhLfyBtPf50FWkFpPDze/qFsxEhLfyBtPf50FWkFpPDze/qFsAcEhx:6pWpUFpEhLfyBtPf50FWkFpPDze/qFs8

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  a8130c5294643fdd9f21f5df40c8a1dbb267dd9b66af9ff5f28e644eaa1769b4N
- Size
  
  92KB
- MD5
  
  4ecf9ccc47bfbcd35fb9e52d629e3590
- SHA1
  
  fa6a7484266ea7982dc57226cd51abdf6959a785
- SHA256
  
  a8130c5294643fdd9f21f5df40c8a1dbb267dd9b66af9ff5f28e644eaa1769b4
- SHA512
  
  8f172190f0b261f5986f5432c9f2eeee5c940d442cd14a4e4ed73f0797dc42ac4bbb2713091452af79b3d4a5dd9bb8c949092d29db3b7890fa1c852b01729f3c
- SSDEEP
  
  1536:W7ZppApUFpEhLfyBtPf50FWkFpPDze/qFsxEhLfyBtPf50FWkFpPDze/qFsAcEhx:6pWpUFpEhLfyBtPf50FWkFpPDze/qFs8
Score

9^/10

discovery ransomware
- Renames multiple (3087) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware