1ca7c2127e09b05ba0a57589bb504273c6f2e9f00d002b033a8e070e8fbab69a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1ca7c2127e09b05ba0a57589bb504273c6f2e9f00d002b033a8e070e8fbab69a
Size

44KB
Sample

241005-xxh72avcnd
MD5

45225a45249d7afa8dcc3933e3a0428c
SHA1

f90b1526bd54939fc307978e5f0d7ef0e2d2f07a
SHA256

1ca7c2127e09b05ba0a57589bb504273c6f2e9f00d002b033a8e070e8fbab69a
SHA512

77832f2ebd306b4bac45ff519508160f8ade1352094b866a121f11e9f15db39898775649cc5d587fd4ff1459d1cab34c2d5773ec46de3d51a30e08c693647f1d
SSDEEP

384:GBt7Br5xjLfAgA71FbhvtPcNOF8F0qOF8F0PDXxhDXxW0C2C8:W7BlpDpARFbhmauaLXxpXxW0C2C8

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  1ca7c2127e09b05ba0a57589bb504273c6f2e9f00d002b033a8e070e8fbab69a
- Size
  
  44KB
- MD5
  
  45225a45249d7afa8dcc3933e3a0428c
- SHA1
  
  f90b1526bd54939fc307978e5f0d7ef0e2d2f07a
- SHA256
  
  1ca7c2127e09b05ba0a57589bb504273c6f2e9f00d002b033a8e070e8fbab69a
- SHA512
  
  77832f2ebd306b4bac45ff519508160f8ade1352094b866a121f11e9f15db39898775649cc5d587fd4ff1459d1cab34c2d5773ec46de3d51a30e08c693647f1d
- SSDEEP
  
  384:GBt7Br5xjLfAgA71FbhvtPcNOF8F0qOF8F0PDXxhDXxW0C2C8:W7BlpDpARFbhmauaLXxpXxW0C2C8
Score

9^/10

discovery ransomware
- Renames multiple (3780) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware