5f6e7fe6cc1b0519544c6ede96264a96b46579ebd0039519d541c576103d962a | Triage

Submit
Reports

Overview

overview

9

Static

static

3

pycharm-pr....5.exe

windows11-21h2-x64

9

Sharing

General

Target

pycharm-professional-2024.3.5.exe
Size

836.7MB
Sample

250328-xeag6szvdy
MD5

fddffff32881972a28738da298a62dff
SHA1

13bcc178a1b4a31a4c3b689872bd71586b31604f
SHA256

5f6e7fe6cc1b0519544c6ede96264a96b46579ebd0039519d541c576103d962a
SHA512

519c22090ac5e444355f982eebe4a181595ef3e415116a5a8cc1be0dc01c1438f06822adf1579214d109e013037f7caab286c88b4731e5903ccc69cf5a3a08f5
SSDEEP

25165824:ZvcYDd5ujEok108mEvAsp/+mi5WoN0TQ5+1r:Z2Qo008mE4sp/nifNBgR

Score

9^/10

discovery ransomware

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

pycharm-professional-2024.3.5.exe

Resource

win11-20250313-en

discovery ransomware

windows11-21h2-x64

19 signatures

900 seconds

Malware Config

Targets

- Target
  
  pycharm-professional-2024.3.5.exe
- Size
  
  836.7MB
- MD5
  
  fddffff32881972a28738da298a62dff
- SHA1
  
  13bcc178a1b4a31a4c3b689872bd71586b31604f
- SHA256
  
  5f6e7fe6cc1b0519544c6ede96264a96b46579ebd0039519d541c576103d962a
- SHA512
  
  519c22090ac5e444355f982eebe4a181595ef3e415116a5a8cc1be0dc01c1438f06822adf1579214d109e013037f7caab286c88b4731e5903ccc69cf5a3a08f5
- SSDEEP
  
  25165824:ZvcYDd5ujEok108mEvAsp/+mi5WoN0TQ5+1r:Z2Qo008mE4sp/nifNBgR
Score

9^/10

discovery ransomware
- Renames multiple (200) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
- Drops desktop.ini file(s)
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

© 2018-2025

Terms | Privacy