General

  • Target

    93fa551dc22517b5999defa025f9fd00a23cff38d589a67082142ef42dc6de18

  • Size

    95KB

  • Sample

    240628-anyvsstanl

  • MD5

    3623068217fe358cd4cdd2173c840c51

  • SHA1

    6a2b326a6f1059f169855fad9063aaaf17b0f3cc

  • SHA256

    93fa551dc22517b5999defa025f9fd00a23cff38d589a67082142ef42dc6de18

  • SHA512

    fecd7278a4932c72c373eb6c1f6c131c0a00579273829207cf5827667c47d01cb0c1ca8e9e7fc8515472c312161a3e36445536057ffade9aae0f66cbaef7e04e

  • SSDEEP

    1536:CTWn1++PJHJXA/OsIZfzc3/Q8Q8/8RYNTWn1++PJHJXA/OsIZfzc3/Q8Q8/8RY8D:KQSoskRYpQSoskRYs

Score
10/10

Targets

    • Target

      93fa551dc22517b5999defa025f9fd00a23cff38d589a67082142ef42dc6de18

    Score
    9/10
    • Renames multiple (5303) files with an added filename extension

      This suggests ransomware activity: encrypting all the files on the system.

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX variant.

    • Drops file in System32 directory
