General

  • Target

    dc677c4149541964f2097e0fa7fb2de0N.exe

  • Size

    260KB

  • Sample

    240725-spp86awgjr

  • MD5

    dc677c4149541964f2097e0fa7fb2de0

  • SHA1

    f1c2458bc2b051bc094dac17ae19764f5961b0d2

  • SHA256

    4332a1f3fdcbc0332b752a21d0cfd8e472ed44a14c2b049fae309a92c649bb65

  • SHA512

    2b5c7a9450efc4d9e0fb6fbb0a9248a3f47443383e2cf09f7fd877b17e113ee726a96b2526707f6a8bc0ea3f5dc17e9a40cab02223240152698a755e8cd1a596

  • SSDEEP

    6144:wHpQSoz4HUK4dh5hHpQSoz4HUK4dh5/5m:sQtze54hZQtze54hK

Malware Config

Targets

    • Target

      dc677c4149541964f2097e0fa7fb2de0N.exe

    • Renames multiple (3559) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
