Overview

overview

9

Static

static

PCShredder.exe

windows10-1703-x64

9

PCShredder.exe

windows7-x64

9

PCShredder.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    PCShredder.zip

  • Size

    14.6MB

  • Sample

    221124-ww7zbsbd22

  • MD5

    f31599fb6ae55cc2c4e632d671a06501

  • SHA1

    37396b3d76715b2f50932032039eaf16021852b5

  • SHA256

    b879ef0713b23926b087e45d82addfb0ffb65cc5d3a6cffb2843d87058444d20

  • SHA512

    4f8710095a404752bf60eea6b7ae7c87b2ff2bb00c64deaf45eaeafc494a006c71de7b79b98b913ed2bf20cad0f894e41948a24acba7dc636f996786ff9edb91

  • SSDEEP

    393216:djozpO9KxyU+cOLxqSbyREYUDreRssjiA0o5vc8cqk:SQbNcOLwwTYOreRssZNc89k

Score
9/10
discoveryexploitransomwareupx

Malware Config

Targets

    • Target

      PCShredder.exe

    • Size

      14.7MB

    • MD5

      96cb05530c60082172543f1011fd9d48

    • SHA1

      3ab9dcd4b109432656b36afa1f8f264d43d43273

    • SHA256

      918567fd880fe414ae41ebca386cfafe8b114369ce8002fa2d9420b5495576c8

    • SHA512

      e6fd8493dee16e771dccc892cd0941cac676fbd2f23cd589350101df3d9c307dcbc3b7e66181f9cc83662da9a455ea5172392485e351754bc775743d90cb7c90

    • SSDEEP

      393216:Q4q3RE5c113BsymGR6zB2Dl4DAJZwO6JGFC/HE:ImxzB2RreOa1/k

    Score
    9/10
    ransomwareupxdiscoveryexploit

    • Deletes shadow copies

      Ransomware often targets backup files to inhibit system recovery.

      ransomware

    • Executes dropped EXE

    • Possible privilege escalation attempt

      exploit

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Modifies file permissions

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2behavioral3

MITRE ATT&CK Enterprise v6

Tasks