General

  • Target

    1d4d3e3c598586d2cee91b62a8cdc61fc96b91f74d0677e042c9f8018e23f49c

  • Size

    109KB

  • Sample

    240503-x1zzysge72

  • MD5

    3c0f73d083c5290bd202a2394115de06

  • SHA1

    d2e04790346fbbe1b6597582068719af11e6cf83

  • SHA256

    1d4d3e3c598586d2cee91b62a8cdc61fc96b91f74d0677e042c9f8018e23f49c

  • SHA512

    79723a35cac94512151f7f741fa12f5f0b7072518d35a5302a79dacaccc23cde79c657348274fe92652d1cb0d50975e240e4983a08bbf1267b3253d57306fc94

  • SSDEEP

    3072:hfAIuZAIuYSMjoqtMHfhf5SGfFpsJOfFpsJi:hfAIuZAIuDMVtM/XSq

Score
10/10

Targets

    • Target

      1d4d3e3c598586d2cee91b62a8cdc61fc96b91f74d0677e042c9f8018e23f49c

    Score
    9/10
    • Renames multiple (721) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • UPX dump on OEP (original entry point)

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of UPX.
