General

  • Target

    7acd8aa3db3d206471d95dffaa7bbef0N.exe

  • Size

    113KB

  • Sample

    240726-fnkwtsxfrm

  • MD5

    7acd8aa3db3d206471d95dffaa7bbef0

  • SHA1

    2b7296c1b60e0531025bb0d8aed0ca014d7817f8

  • SHA256

    dc4c2070fdbf7a99bc4108ef9be2c9aeb1a5a8fa7b0ba43b86cffda6e8c3f95c

  • SHA512

    3f220a41babb937663ccad391163fdb852d371e1ce17847f694c7bc7e09362b3d707e4ea1c2b55b2144461838dfbc123dbece7b1472fd9b9379a464257547a0c

  • SSDEEP

    1536:a7ZyqaFAxTWbJJB7LDKTW7JJB7LDpDg7ZyqaFAxTWbJJB7LDKTW7JJB7LDpDfx:enay2tDptDpDgnay2tDptDpDJ

Targets

    • Renames multiple (4371) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
