General

  • Target: 680becd4215d4faee797d64c36866640N.exe
  • Size: 193KB
  • Sample: 240723-fdcgpsyenl
  • MD5: 680becd4215d4faee797d64c36866640
  • SHA1: a8752ea0fe5288053522418a483db98c2ad8060f
  • SHA256: 9f3c9fcb6f6319b3480cd1faa223c495e49a9f829bf72c9a60c0c1e4a2092073
  • SHA512: 413a9d4353b6ddf01cc663b4946039262fa631a3e3cad635c24939c6d925f85ff1d278c3f7977f6a54407b3971040128a79984610179b77abc607262475e64df
  • SSDEEP: 1536:V7Zf/FAxTWY1++PJHJXA/OsIZfzc3/Q8zxtjm8sP7Zf/FAxTWY1++PJHJXA/OsIA:fnyiQSoojmHNnyiQSoojmHs

Score: 9/10

Targets

    • Renames multiple (2815) files with an added filename extension

      This suggests ransomware activity: the sample is encrypting files across the system and renaming them.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified variant of it.

    • Drops file in System32 directory
