6cea56dee3b04398bfac2b7a43cbc4ecb1c418cfbaae659bf6877633b3b944fd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6cea56dee3b04398bfac2b7a43cbc4ecb1c418cfbaae659bf6877633b3b944fd
Size

100KB
Sample

241011-2qsv4sybkf
MD5

02aae8942c358049a40a8fc297ca89d3
SHA1

e235dcb7074e94878d1da12e11c33923fb7fa4d0
SHA256

6cea56dee3b04398bfac2b7a43cbc4ecb1c418cfbaae659bf6877633b3b944fd
SHA512

a05945cd5e8beb00927f0455af30a4ca484865bd9beaa724c5467617da94ef5f61cd10534793401191110b64fb381a8328fc2670304d5ee1fa1bbf4cdeb18b5a
SSDEEP

1536:W7ZhA7dABJJZENTNy3W7ZhA7dABJJZENTNy3V:6e76BtEu6e76BtEuV

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  6cea56dee3b04398bfac2b7a43cbc4ecb1c418cfbaae659bf6877633b3b944fd
- Size
  
  100KB
- MD5
  
  02aae8942c358049a40a8fc297ca89d3
- SHA1
  
  e235dcb7074e94878d1da12e11c33923fb7fa4d0
- SHA256
  
  6cea56dee3b04398bfac2b7a43cbc4ecb1c418cfbaae659bf6877633b3b944fd
- SHA512
  
  a05945cd5e8beb00927f0455af30a4ca484865bd9beaa724c5467617da94ef5f61cd10534793401191110b64fb381a8328fc2670304d5ee1fa1bbf4cdeb18b5a
- SSDEEP
  
  1536:W7ZhA7dABJJZENTNy3W7ZhA7dABJJZENTNy3V:6e76BtEu6e76BtEuV
Score

9^/10

discovery ransomware
- Renames multiple (4788) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware