Overview

overview

10

Static

static

10

69c3787d82...b0.exe

windows7-x64

9

69c3787d82...b0.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    69c3787d827f13c741dc09f32e619f5a5302ff66ba05ed46d33e684a53da08b0

  • Size

    75KB

  • Sample

    240522-2pqpcsbh59

  • MD5

    179cdacdaf4c09c4937d86a267b6460b

  • SHA1

    05a370a94d5f458c12efb1f473fedffcb6dd7dd8

  • SHA256

    69c3787d827f13c741dc09f32e619f5a5302ff66ba05ed46d33e684a53da08b0

  • SHA512

    6637f44d9df20e995266c056f2d8530b7322ec905aa209459eb5fa8a1ee864787a70526d0a0d75d1d6154773b045e0ff861a7ea619bcc273d6855399a176d40e

  • SSDEEP

    1536:V7Zf/FAxTWY1++PJHJXA/OsIZfzc3/Q8yib:fnyiQSoe

Score
10/10
ransomwareupx

Malware Config

Targets

    • Target

      69c3787d827f13c741dc09f32e619f5a5302ff66ba05ed46d33e684a53da08b0

    • Size

      75KB

    • MD5

      179cdacdaf4c09c4937d86a267b6460b

    • SHA1

      05a370a94d5f458c12efb1f473fedffcb6dd7dd8

    • SHA256

      69c3787d827f13c741dc09f32e619f5a5302ff66ba05ed46d33e684a53da08b0

    • SHA512

      6637f44d9df20e995266c056f2d8530b7322ec905aa209459eb5fa8a1ee864787a70526d0a0d75d1d6154773b045e0ff861a7ea619bcc273d6855399a176d40e

    • SSDEEP

      1536:V7Zf/FAxTWY1++PJHJXA/OsIZfzc3/Q8yib:fnyiQSoe

    Score
    9/10
    ransomwareupx

    • Renames multiple (3433) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

      ransomware

    • UPX dump on OEP (original entry point)

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks