General

  • Target

    38907ec90fc4a2fa4e73a838ff05e802bafbfcf0300ffef1d2c7257846851d79

  • Size

    751KB

  • Sample

    240604-y9hygabb65

  • MD5

    207b401ecabf0e8a44f903aca2ad3df8

  • SHA1

    ef693d5ff3b4ee3b482b5400522bb4a8757f54fc

  • SHA256

    38907ec90fc4a2fa4e73a838ff05e802bafbfcf0300ffef1d2c7257846851d79

  • SHA512

    f5caa2500653f80d051dfb10b3171163fe7d8c74c6503b43a11ae22e759d2ad9c06102793822d0cd0753e49bd1b3956b01fc382c9259b708bdc6570707789991

  • SSDEEP

    12288:IAIuZAIuOVdo4Mxdz68XUdWnGsTefBAZUNHPK5ywHeG5QuKfeoy7UNCfwnmoeAIM:NVdo4Mxdz68k3IESsJVdo4Mxdz68k3Ii

Score
10/10

Targets

    Score
    9/10
    • Renames multiple (1354) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

    • UPX dump on OEP (original entry point)

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
