General

  • Target

    56b135c125a2e675792ab73c70fabc624ae395bd4efc052c9145a69df2c99411

  • Size

    210KB

  • Sample

    240524-1v56kach23

  • MD5

    121ec1be0e5f2efe8c99117f33454602

  • SHA1

    e2e0a4a2254550e4875d01e5236f3971a17fad8b

  • SHA256

    56b135c125a2e675792ab73c70fabc624ae395bd4efc052c9145a69df2c99411

  • SHA512

    3e35fc80d9b15858ae496b0241e9bdca27eb494369e67fc63c912ec342ad6f4eb7caf894e1a8bc11377faf018d08d14f7de08ae83b9406576ffc2ec3b316ab24

  • SSDEEP

    3072:enaym3AIuZAIuYSMjoqtMHfhfJ6W2QZwKS79:wHm3AIuZAIuDMVtM/L2ZKS79

Score
10/10

Targets

    • Target

      56b135c125a2e675792ab73c70fabc624ae395bd4efc052c9145a69df2c99411

    Score
    9/10
    • Renames multiple (3266) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

    • UPX dump on OEP (original entry point)

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
