Overview

overview

9

Static

static

7

32edb5e4fe...0N.exe

windows7-x64

9

32edb5e4fe...0N.exe

windows10-2004-x64

9

Analysis

  • max time kernel
    120s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    14/07/2024, 22:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    32edb5e4fe99e43027511b03a14e28a0N.exe

  • Size

    100KB

  • MD5

    32edb5e4fe99e43027511b03a14e28a0

  • SHA1

    0ae25e9ba955174a0eee4dad7edab626308702d4

  • SHA256

    1fa22510bdb65cf80e2fc5bf2f8f7238125afe8d0154c581c51a070138f196f4

  • SHA512

    61ae4d3dacfdd40860f09174d2646e2e53bc1bd809fb4384d88c50928ca2de36061a892955ff6fbf30903c19c3459caf03e1c2430f6f80e07b55af15a558df65

  • SSDEEP

    1536:a7ZyqaFAlsr1++PJHJXFAIuZAIuyxX5rQulF6v:enaym3AIuZAIuyxJrQulI

Score
9/10
ransomwareupx

Malware Config

Signatures

  • Renames multiple (2712) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

    ransomware
  • UPX packed file 4 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Drops file in Program Files directory 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\32edb5e4fe99e43027511b03a14e28a0N.exe
    "C:\Users\Admin\AppData\Local\Temp\32edb5e4fe99e43027511b03a14e28a0N.exe"
    1⤵
    • Drops file in Program Files directory
    PID:1708

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\$Recycle.Bin\S-1-5-21-2172136094-3310281978-782691160-1000\desktop.ini.tmp
    Filesize

    100KB

    MD5

    745b3852e33f15f80c52b66e686c5ead

    SHA1

    cf3c17931c110ce49a2bbf3386926b43a74ed976

    SHA256

    5f51ca46aba06461d64c4cceb523f044cc4c900aed2c642ddb228e8575855568

    SHA512

    5a2730cca7dd8d93c32d9911592d368c76cca41d6ff7735fc1e24332cee3f180c4fbcad23fb818b7c3861f0326c6295ba9b3fbf37323ea5e0e62fbeb1b31620c

    Download Submit

  • C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp
    Filesize

    109KB

    MD5

    852c969a73023fe3ada5c8df93a2301e

    SHA1

    71874215ea1726aaf6b610e2eb75506cbfd9d780

    SHA256

    ac1dc7453a0fd9d051ad83e1603f88bdf3eb9e107a887160737639c2e9be9fe1

    SHA512

    9fc7dd207421c11a6a384a97bcba41e2978f9a4216e79a477508161d0aa598fe6366b42d993ec584f5998a257220e5c4eb9d27ebb0a78a3dd8121d5bd600ce4f

    Download Submit

  • memory/1708-0-0x0000000000400000-0x000000000040B000-memory.dmp

    Filesize

    44KB

    Download

  • memory/1708-398-0x0000000000400000-0x000000000040B000-memory.dmp

    Filesize

    44KB

    Download