General

  • Target

    14978943d59801a0d1c88b1809d56b0f8864db7359d7d609e1666eca401d38b4

  • Size

    99KB

  • Sample

    240524-xnrstafe6x

  • MD5

    02c5e6bc836eec78fcf882db56e393c1

  • SHA1

    9e7c6d04386dafd07bce50bb075b451dd0dc4af3

  • SHA256

    14978943d59801a0d1c88b1809d56b0f8864db7359d7d609e1666eca401d38b4

  • SHA512

    61fdf94150028564953a20fb47bfaa2d275b6f628c515debd8f60976a054ff962ab89c4db795f39c7fa2327d559a1d1545a9646d6b0fcacacd817c98f74d7117

  • SSDEEP

    1536:Isz1++PJHJXFAIuZAIuekc9zBfA1OjBWgOI3uicwa+shcBEN2iqxtdSCow8hfx:hfAIuZAIuYSMjoqtMHfhfx

Score
10/10

Targets

    • Target

      14978943d59801a0d1c88b1809d56b0f8864db7359d7d609e1666eca401d38b4

    Score
    9/10
    • Renames multiple (604) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

    • UPX dump on OEP (original entry point)

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
