General

  • Target

    835e1afafe8fd97ee7efb76e66808940858b4bd9698e1181612009093f601395.exe

  • Size

    265KB

  • Sample

    240523-d3w7asce66

  • MD5

    1c70bef3bf26bcb70269c90fbbac2610

  • SHA1

    35a88917270461fab3d9a35a4a9797f19edd1221

  • SHA256

    835e1afafe8fd97ee7efb76e66808940858b4bd9698e1181612009093f601395

  • SHA512

    a7b74be5ed21f63aed0942d53c967ab80996adbcfab86961f0ec131e568955bb5c396ce36477ecb7d2b43a972c861d7d90c040a13e8e46fc73f3ee21a8121adc

  • SSDEEP

    6144:JmCAIuZAIuDMVtM/fmCAIuZAIuDMVtM/b:7AIuZAIuOkAIuZAIuO4

Score
9/10

Targets

    • Renames multiple (488) files with added filename extension

      This suggests ransomware activity: encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
