General

  • Target

    276b0f07b8248b0b2d1f9d0b38004f296485f4905f949d468cc93998e136b589.exe

  • Size

    204KB

  • Sample

    240705-bxr92s1gla

  • MD5

    23cc1acc5a77b6ad2918de04af420a80

  • SHA1

    dac5d9a895de36d1d0170cfbc72f2d8d79751877

  • SHA256

    276b0f07b8248b0b2d1f9d0b38004f296485f4905f949d468cc93998e136b589

  • SHA512

    528bbc3b509e001128c1de7d2e82064e8daf4f888b62b6e0917c6402d5b3970b678a9c64411a171edbb7f87c24f42a8cfe02cffc8608b89697db5863830c6db6

  • SSDEEP

    3072:KQSo7Z54HZKMx4dhECVwQSo7Z54HZKMx4dhECV4:KQSoz4HUK4dh5wQSoz4HUK4dh54

Score
9/10

Targets

    • Renames multiple (3254) files with added filename extension

      This suggests ransomware activity: encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
