9fd91c4c58f75c37aff5cc492d38f8e8c8bfa19e3b480545288e9adfeb757a6c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9fd91c4c58f75c37aff5cc492d38f8e8c8bfa19e3b480545288e9adfeb757a6c
Size

74KB
Sample

241005-yrspys1djq
MD5

d1b172ca53465c1a32aebed1f5d5da2c
SHA1

61c09a3ac275c55a31350c8a8b9fe51b49aaf2e3
SHA256

9fd91c4c58f75c37aff5cc492d38f8e8c8bfa19e3b480545288e9adfeb757a6c
SHA512

ddd8d82c90123ac0288a2e067c9efd9cbe095058b1b3a46c45f43d038af2d661165b2305d6faa7c3c2b0ef5d5c009f48c31def3b9d1e9602e2b93231a54b7173
SSDEEP

768:W7BlpNLpARFbhblkYlkuvIYFdm0rEt0rEkEXBwzEXBwAh69YNYoThwRDThwRDa:W7ZNLpApCZuvIYXmdtd9hlyolwXw4

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  9fd91c4c58f75c37aff5cc492d38f8e8c8bfa19e3b480545288e9adfeb757a6c
- Size
  
  74KB
- MD5
  
  d1b172ca53465c1a32aebed1f5d5da2c
- SHA1
  
  61c09a3ac275c55a31350c8a8b9fe51b49aaf2e3
- SHA256
  
  9fd91c4c58f75c37aff5cc492d38f8e8c8bfa19e3b480545288e9adfeb757a6c
- SHA512
  
  ddd8d82c90123ac0288a2e067c9efd9cbe095058b1b3a46c45f43d038af2d661165b2305d6faa7c3c2b0ef5d5c009f48c31def3b9d1e9602e2b93231a54b7173
- SSDEEP
  
  768:W7BlpNLpARFbhblkYlkuvIYFdm0rEt0rEkEXBwzEXBwAh69YNYoThwRDThwRDa:W7ZNLpApCZuvIYXmdtd9hlyolwXw4
Score

9^/10

discovery ransomware
- Renames multiple (3512) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware