General

  • Target

    9b04a1b6e644c5d6f383e59773aa958d22ec687ccf651d5ba46d125057f2665d

  • Size

    48KB

  • Sample

    240605-a9qrbahb8t

  • MD5

    cc3be63767108d1ee534a513c081dea9

  • SHA1

    276b5318a919fbb41f41466f95b467847f22600b

  • SHA256

    9b04a1b6e644c5d6f383e59773aa958d22ec687ccf651d5ba46d125057f2665d

  • SHA512

    6a1ea72fa4cd4d220eb182c09de0b2fc05d1a0829255fee4ccb114ea9cc753eca588d8bb1fdbd3f505dc94e4f5c38e0bad0ef5ce368fbf0c8fa2f3ef38f76476

  • SSDEEP

    768:kBT37CPKKIm0CAbLg++PJHJzIWD+dVdCYgck5sIZFlzc3/Sg2aDM9uA9DM9uAFzK:CTWn1++PJHJXA/OsIZfzc3/Q8zxDCuy

Score
10/10

Targets

    • Target

      9b04a1b6e644c5d6f383e59773aa958d22ec687ccf651d5ba46d125057f2665d

    Score
    9/10
    • Renames multiple (3708) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • UPX dump on OEP (original entry point)

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX.
