General

  • Target

    0843b93d65f0b99a35a2a952e56b58c0N.exe

  • Size

    171KB

  • Sample

    240720-xs6sjawbpg

  • MD5

    0843b93d65f0b99a35a2a952e56b58c0

  • SHA1

    2890c0048f5899507f9189079ef822c2e190448e

  • SHA256

    b0e3b5a8a1b9d2f88c21eb3ab0c10eea0622960f56512ebe1270776ce130e612

  • SHA512

    3d01c985747369261805f2535617318ef0d750603e83a5032a5d22cad0e2bb3aa6453f6d97894bff2b3b85d8ab5a0998473d36e81086a3fbe3d82d4fef604152

  • SSDEEP

    1536:a7ZyqaFAxTWH1++PJHJXA/OsIZfzc3/Q8jsfEiKpN7ZyqaFAxTWH1++PJHJXA/Od:enaypQSoTEi2naypQSoTEib

Score
9/10

Targets

    • Target

      0843b93d65f0b99a35a2a952e56b58c0N.exe

    Score
    9/10

    • Renames multiple (4527) files with added filename extension

      This suggests ransomware activity, i.e. encryption of all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
