General

  • Target

    356f42d334ccad3657a73d1033f2c770N.exe

  • Size

    58KB

  • Sample

    240724-ca4j8svbqb

  • MD5

    356f42d334ccad3657a73d1033f2c770

  • SHA1

    acc9879d865c4d52db2b58e38f7ac8b42c38e641

  • SHA256

    0af5754540543c7048796d2aff92feb6fd0a991434b0828b7431b41083e37aa2

  • SHA512

    18d46f698ac21fa6bc9b33ffc58dcfb261b7f6355c478c0c690a18c92aa4614f5969cae8b85418b134cb8d035857651e4fbf0ed30d997ceb531c682666bfb509

  • SSDEEP

    1536:CTW7JJZENTNyl2Sm0m3TW7JJZENTNyl2Sm0ms:htE42KtE42G

Targets

    • Renames multiple (3130) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
