General

  • Target

    b8d2df275f003d5179e86c1d0740ba5793f977ed476371e8582a9cb13066b382

  • Size

    62KB

  • Sample

    240529-bz7grada91

  • MD5

    9c3e9896bac180ca851882cdcd2711e5

  • SHA1

    9441b2e1b33dd9ef009a2ecaf0fc648cc92add96

  • SHA256

    b8d2df275f003d5179e86c1d0740ba5793f977ed476371e8582a9cb13066b382

  • SHA512

    d3e31a94cd3edd8fac3ed5b3bf3a4c73a6cb3609cd8932aa390e5370ba6e77adebf0c0ed7c000147f85ee44d892abeb2287b96294f4ed287440f65c00c413da2

  • SSDEEP

    1536:V7Zf/FAxTWY1++PJHJXA/OsIZfzc3/Q8a:fnyiQSoR

Score
10/10

Malware Config

Targets

    • Target

      b8d2df275f003d5179e86c1d0740ba5793f977ed476371e8582a9cb13066b382

    Score
    9/10
    • Renames multiple (532) files with added filename extension

      Renaming a large number of files and appending a new extension to each is characteristic of ransomware encrypting the files on the system.

    • UPX dump on OEP (original entry point)

      The sandbox captured a memory dump of the unpacked image once execution reached the original entry point, i.e. after the UPX stub had finished decompressing the payload.

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified build of it.
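The two behavioural signatures above (mass rename with an appended extension, and UPX packing) can be reproduced offline. The block below is an added example, not the sandbox's own signature code; it runs over constructed rename events and a hand-built PE skeleton, and the rename threshold of 50 is an assumption rather than the sandbox's real cut-off.

```python
import struct
from collections import Counter

# ---------- Signature 1: renames multiple files with added filename extension ----------

def added_extension(old_path, new_path):
    """Return the suffix appended to old_path if new_path is old_path plus an
    extra extension (e.g. report.docx -> report.docx.locked), otherwise None.
    A plain extension swap (build.tmp -> build.exe) or a move does not count."""
    if new_path.startswith(old_path) and len(new_path) > len(old_path):
        suffix = new_path[len(old_path):]
        if suffix.startswith(".") and "\\" not in suffix and "/" not in suffix:
            return suffix
    return None


def mass_rename_signature(events, threshold=50):
    """Count renames that append an extension and group them by the added
    extension. `threshold` (assumed value) decides when the signature fires."""
    per_ext = Counter()
    for old_path, new_path in events:
        ext = added_extension(old_path, new_path)
        if ext:
            per_ext[ext] += 1
    total = sum(per_ext.values())
    return {"count": total, "extensions": dict(per_ext), "hit": total >= threshold}


def constructed_rename_events(n_encrypted=60, ext=".locked"):
    """Constructed sandbox-style (old_path, new_path) events, not taken from the
    report: n_encrypted files get an extension appended, plus two benign renames."""
    events = [
        (f"C:\\Users\\victim\\Documents\\file{i}.docx",
         f"C:\\Users\\victim\\Documents\\file{i}.docx{ext}")
        for i in range(n_encrypted)
    ]
    events.append(("C:\\Temp\\build.tmp", "C:\\Temp\\build.exe"))          # extension swap
    events.append(("C:\\Users\\victim\\a.txt", "C:\\Users\\victim\\old\\a.txt"))  # move
    return events


# ---------- Signature 2: UPX packed file ----------

UPX_SECTION_NAMES = {b"UPX0", b"UPX1", b"UPX2"}


def pe_section_names(data):
    """Walk the DOS header -> COFF header -> section table of a PE image and
    return the section names. Returns [] for anything that is not a PE."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return []
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if e_lfanew + 24 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return []
    num_sections = struct.unpack_from("<H", data, e_lfanew + 6)[0]
    size_opt = struct.unpack_from("<H", data, e_lfanew + 20)[0]
    table = e_lfanew + 24 + size_opt
    names = []
    for i in range(num_sections):
        off = table + i * 40              # IMAGE_SECTION_HEADER is 40 bytes
        if off + 40 > len(data):
            break
        names.append(data[off:off + 8].rstrip(b"\0"))
    return names


def upx_packed_signature(data):
    """Fire on stock UPX section names or the 'UPX!' marker that the packer
    leaves in the image; a renamed-section modified UPX still trips the marker check."""
    names = pe_section_names(data)
    by_section = any(n in UPX_SECTION_NAMES for n in names)
    by_marker = b"UPX!" in data
    return {"sections": names, "hit": by_section or by_marker}


def build_minimal_pe(section_names):
    """Construct a bare, non-loadable PE skeleton (DOS header, COFF header with
    no optional header, section table) for exercising pe_section_names()."""
    e_lfanew = 0x40
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    # Machine, NumberOfSections, TimeDateStamp, PointerToSymbolTable,
    # NumberOfSymbols, SizeOfOptionalHeader (0), Characteristics
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, 0, 0x102)
    sections = b"".join(n.ljust(8, b"\0") + b"\0" * 32 for n in section_names)
    return dos + coff + sections


if __name__ == "__main__":
    print(mass_rename_signature(constructed_rename_events()))
    print(upx_packed_signature(build_minimal_pe([b"UPX0", b"UPX1", b".rsrc"])))
```

On a real sample you would feed `pe_section_names()` the file bytes and `mass_rename_signature()` the rename events from the sandbox's file-system trace; the extension histogram is the useful part, since one dominant appended extension across hundreds of files is the pattern the 532-file count above reflects.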
