General

  • Target

    0da17e5a1bd21ebe2c266cd466747cf40743b0ecd995335c02e49215336ee451

  • Size

    97KB

  • Sample

    240709-xe5nbaygpm

  • MD5

    f5451e96ccf29590da4c71e980382767

  • SHA1

    0ec657eff18759c7509c4ff9b9e5fb7f0996f174

  • SHA256

    0da17e5a1bd21ebe2c266cd466747cf40743b0ecd995335c02e49215336ee451

  • SHA512

    cc4b18f4cd0dda33fadcaebc0f9380279f0d8edf4bb3ca941638a3b605d68f2de9bacd649554228db61a02d8248b3633b63e0b214dcb9b55944c61ac1a759e22

  • SSDEEP

    1536:CTWn1++PJHJXA/OsIZfzc3/Q8+zCuXTWn1++PJHJXA/OsIZfzc3/Q8+2:KQSoUuzQSog

Score
9/10

Malware Config

Targets

    Score
    9/10
    • Renames multiple (4484) files with added filename extension

      This suggests ransomware activity: encrypting all files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified UPX variant.

    • Drops file in System32 directory

MITRE ATT&CK Matrix

Tasks