c7a822286bd2d04c5cc7012eb8cd18372642fdb1799907e65828e3a3268475ab | Triage

Sharing

General

Target

c7a822286bd2d04c5cc7012eb8cd18372642fdb1799907e65828e3a3268475ab
Size

104KB
Sample

241012-c57kdaybma
MD5

115dabbfe0a72bf4e0828dc3f91e09b5
SHA1

4ef2c1e9467246e3f33ee54c3689b3005c66fe6a
SHA256

c7a822286bd2d04c5cc7012eb8cd18372642fdb1799907e65828e3a3268475ab
SHA512

76d086101e70a028c84d9e3a794bcecdb89ee4d3ed9914471132e65df4e2de8e4683e83c47c4a153ccba1a5882fc4fd4e2438e0757c3710e724854dcbebcc422
SSDEEP

3072:6e7WpMgLOiLOAew2wUe7WpMgLOiLOAew2wkQ/:RqKgLOiLOA3qKgLOiLOAn

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  c7a822286bd2d04c5cc7012eb8cd18372642fdb1799907e65828e3a3268475ab
- Size
  
  104KB
- MD5
  
  115dabbfe0a72bf4e0828dc3f91e09b5
- SHA1
  
  4ef2c1e9467246e3f33ee54c3689b3005c66fe6a
- SHA256
  
  c7a822286bd2d04c5cc7012eb8cd18372642fdb1799907e65828e3a3268475ab
- SHA512
  
  76d086101e70a028c84d9e3a794bcecdb89ee4d3ed9914471132e65df4e2de8e4683e83c47c4a153ccba1a5882fc4fd4e2438e0757c3710e724854dcbebcc422
- SSDEEP
  
  3072:6e7WpMgLOiLOAew2wUe7WpMgLOiLOAew2wkQ/:RqKgLOiLOA3qKgLOiLOAn
Score

9^/10

discovery ransomware
- Renames multiple (5217) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware