474003169c5b6033ceba8af799d62d2482682ed7f4d45066c04524a5f5b8eec8 | Triage

Submit
Reports

Overview

overview

9

Static

static

7

d49ab95625...0N.exe

windows7-x64

9

d49ab95625...0N.exe

windows10-2004-x64

9

Sharing

Copy URL Twitter E-mail

General

Target

d49ab9562542f9b962850e90ae89a080N.exe
Size

52KB
Sample

240715-n5by9ayakf
MD5

d49ab9562542f9b962850e90ae89a080
SHA1

4e89aec7eaa316e1458df84a917bea99f3a4f8b0
SHA256

474003169c5b6033ceba8af799d62d2482682ed7f4d45066c04524a5f5b8eec8
SHA512

febd82d2cbef40067fe373be6fd3fe876c9937505d001e32af70451f2e1f1dcbad174f011fadf956df2b2e9012259c3c7e3a0eabf2e0471fb149bc076a141173
SSDEEP

768:kBT37CPKKIm0CAbLg++PJHJzIWD+dVdCYgck5sIZFlzc3/Sg2aDM9uA9DM9uAFIe:CTWn1++PJHJXA/OsIZfzc3/Q8IZv2n

Score

9^/10

ransomware upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

d49ab9562542f9b962850e90ae89a080N.exe

Resource

win7-20240705-en

windows7-x64

3 signatures

120 seconds

Behavioral task

behavioral2

Sample

d49ab9562542f9b962850e90ae89a080N.exe

Resource

win10v2004-20240709-en

windows10-2004-x64

3 signatures

120 seconds

Malware Config

Targets

- Target
  
  d49ab9562542f9b962850e90ae89a080N.exe
- Size
  
  52KB
- MD5
  
  d49ab9562542f9b962850e90ae89a080
- SHA1
  
  4e89aec7eaa316e1458df84a917bea99f3a4f8b0
- SHA256
  
  474003169c5b6033ceba8af799d62d2482682ed7f4d45066c04524a5f5b8eec8
- SHA512
  
  febd82d2cbef40067fe373be6fd3fe876c9937505d001e32af70451f2e1f1dcbad174f011fadf956df2b2e9012259c3c7e3a0eabf2e0471fb149bc076a141173
- SSDEEP
  
  768:kBT37CPKKIm0CAbLg++PJHJzIWD+dVdCYgck5sIZFlzc3/Sg2aDM9uA9DM9uAFIe:CTWn1++PJHJXA/OsIZfzc3/Q8IZv2n
Score

9^/10

ransomware upx
- Renames multiple (2822) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy