Overview

overview

9

Static

static

7

bb7eb73178...AS.exe

windows7-x64

9

bb7eb73178...AS.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    bb7eb73178123be6c97b7bede0ffe4e0_NEAS

  • Size

    264KB

  • Sample

    240507-r2zspaeb76

  • MD5

    bb7eb73178123be6c97b7bede0ffe4e0

  • SHA1

    310ef5294a87255d5a432944e4c6daf711b81d6a

  • SHA256

    c8f9f171140bc35261f637556cba84697d3b53834638aa65c26d4c040efc3adf

  • SHA512

    f6726e1ce6ac248a56d67bad1ac14c0bc5ee486597e9d5b7430f5f7c6e28b2f2fdfbde92ee8e8f405e7897f68cf4dbe643dfb0b80c61c22feb70db867d86c718

  • SSDEEP

    6144:JmCAIuZAIuDMVtM/0hRmCAIuZAIuDMVtM/0hK:7AIuZAIuO9AIuZAIuOk

Score
9/10
ransomwareupx

Malware Config

Targets

    • Target

      bb7eb73178123be6c97b7bede0ffe4e0_NEAS

    • Size

      264KB

    • MD5

      bb7eb73178123be6c97b7bede0ffe4e0

    • SHA1

      310ef5294a87255d5a432944e4c6daf711b81d6a

    • SHA256

      c8f9f171140bc35261f637556cba84697d3b53834638aa65c26d4c040efc3adf

    • SHA512

      f6726e1ce6ac248a56d67bad1ac14c0bc5ee486597e9d5b7430f5f7c6e28b2f2fdfbde92ee8e8f405e7897f68cf4dbe643dfb0b80c61c22feb70db867d86c718

    • SSDEEP

      6144:JmCAIuZAIuDMVtM/0hRmCAIuZAIuDMVtM/0hK:7AIuZAIuO9AIuZAIuOk

    Score
    9/10
    ransomwareupx

    • Renames multiple (3495) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

      ransomware

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks