General

  • Target

    0ffb9258d23f9acfe79671c98499523ef28cd4d803caba220f6e99da4cb165b1

  • Size

    227KB

  • Sample

    240514-xcjm3abc23

  • MD5

    48533a54f5cfdd4250e98a3f1f3ff208

  • SHA1

    1f7742d42eca107f027cc268eca5b15c5cb388ad

  • SHA256

    0ffb9258d23f9acfe79671c98499523ef28cd4d803caba220f6e99da4cb165b1

  • SHA512

    1254fc000755d17d7f2fe6305a770b94acb8ef9d961a62f4aa17c03629fe24e9073e7a5e1250d89a8ca06c90a0c8f7221063e2a4dea8982bd0c8d0676064a71d

  • SSDEEP

    3072:+nymCAIuZAIuYSMjoqtMHfhfmfAIuZAIuYSMjoqtMHfhflgT:JmCAIuZAIuDMVtM/EfAIuZAIuDMVtM/U

Score
10/10

Targets

    • Target

      0ffb9258d23f9acfe79671c98499523ef28cd4d803caba220f6e99da4cb165b1

    Score
    9/10
    • Renames multiple (3158) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

    • UPX dump on OEP (original entry point)

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
