571e6eb6e17a9aea21916756a4df50f048abbf67c083ae6512a9602a54fb4048 | Triage

Sharing

General

Target

571e6eb6e17a9aea21916756a4df50f048abbf67c083ae6512a9602a54fb4048N.exe
Size

68KB
Sample

241119-thpvgssqej
MD5

df12da9ac92c7f8832cbbc60a5e725c0
SHA1

0d604a2370062d5c13cf2711adb0a11346399024
SHA256

571e6eb6e17a9aea21916756a4df50f048abbf67c083ae6512a9602a54fb4048
SHA512

056ee2c04e78e43253e90e642d75fcaa181c45852ea9f363ac4c7d15d287263ea45158b72c43b728cabd55fdd1149c2db1fceb039a70e3b0047272d87fbef133
SSDEEP

768:W7BlphA7dASbS7EXBwzEXBw3sgQw58eGkz2rcuesgQw58eGkz2rcu90TKe+0TKeq:W7ZhA7dAynMdyGdy4AnA4QLIyIBz

Score

9^/10

discovery ransomware

Malware Config

Targets

- Target
  
  571e6eb6e17a9aea21916756a4df50f048abbf67c083ae6512a9602a54fb4048N.exe
- Size
  
  68KB
- MD5
  
  df12da9ac92c7f8832cbbc60a5e725c0
- SHA1
  
  0d604a2370062d5c13cf2711adb0a11346399024
- SHA256
  
  571e6eb6e17a9aea21916756a4df50f048abbf67c083ae6512a9602a54fb4048
- SHA512
  
  056ee2c04e78e43253e90e642d75fcaa181c45852ea9f363ac4c7d15d287263ea45158b72c43b728cabd55fdd1149c2db1fceb039a70e3b0047272d87fbef133
- SSDEEP
  
  768:W7BlphA7dASbS7EXBwzEXBw3sgQw58eGkz2rcuesgQw58eGkz2rcu90TKe+0TKeq:W7ZhA7dAynMdyGdy4AnA4QLIyIBz
Score

9^/10

discovery ransomware
- Renames multiple (325) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware