General

  • Target

    c3c3f31fc43a42cb053ae01fe628e76a9d8649c241758f47d7e6c173ebfaf90a

  • Size

    110KB

  • Sample

    240504-c4hjvseb84

  • MD5

    76e6ce8b8d2b47562b0a0ec131e48d16

  • SHA1

    1abd3fbb731610836f87d821c317c4833523b27c

  • SHA256

    c3c3f31fc43a42cb053ae01fe628e76a9d8649c241758f47d7e6c173ebfaf90a

  • SHA512

    537953fa9ecefa6a7178c4398504e6d8cc83c451c32dddf98ce67b468c81f8d9c1863792b68b859978b6315d75ecbca0f38db14b830a2a6d999f71d9341c4423

  • SSDEEP

    3072:hfAIuZAIuYSMjoqtMHfhf5SGfFpsJOfFpsJZ:hfAIuZAIuDMVtM/XSx

Score
10/10

Targets

    • Target

      c3c3f31fc43a42cb053ae01fe628e76a9d8649c241758f47d7e6c173ebfaf90a

    Score
    9/10
    • Renames multiple (3445) files with added filename extension

      This suggests ransomware activity, namely encryption of all the files on the system.

    • UPX dump on OEP (original entry point)

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
