General

  • Target

    35b5dfe83e525faaa4956ade98eabb20_NEAS

  • Size

    372KB

  • Sample

    240506-3yqldsca87

  • MD5

    35b5dfe83e525faaa4956ade98eabb20

  • SHA1

    28c74a79616a47ed22742b58125ed3c5fd6ef544

  • SHA256

    fed4c5b680073a557a770197e1533824e8361bbeb4f73d964605eb0cd345d848

  • SHA512

    1deae953af9b314aa940bb6759d767a03c41a5ca83ec695a6cda7c5ff9a85874db1197913ce233d2e196c407a5ecce11e354354f3b83b02962039edee21ccc75

  • SSDEEP

    6144:JiQSo1EZGtKgZGtK/CAIuZAIuoiQSo1EZGtKgZGtK/CAIuZAIuSGg:AQtyZGtKgZGtK/CAIuZAIuvQtyZGtKgD

Score
9/10

Targets

    • Target

      35b5dfe83e525faaa4956ade98eabb20_NEAS

    • Renames multiple (4390) files with added filename extension

      This suggests ransomware activity, that is, encryption of all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
