Overview

overview

9

Static

static

7

98b59a3f11...0N.exe

windows7-x64

9

98b59a3f11...0N.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    98b59a3f11b44be0564784f665cd1280N.exe

  • Size

    127KB

  • Sample

    240727-f51nlsseph

  • MD5

    98b59a3f11b44be0564784f665cd1280

  • SHA1

    a9ae94ac38e8796ecc1925a302007544cd7f4832

  • SHA256

    797fcde04b7727c458c2b051449b8c1583385d113e3d05de3d06af1c3c98a9cb

  • SHA512

    c725a4a83562ad24e0f9b6dded9ca816a7aecdfdeee6f60fce1d6166ea517122281e7c8750c1ae0c82dc4e934579bcf3fdefa7a73b7c11b878488ec33a4bbffe

  • SSDEEP

    1536:V7Zf/FAxTWoJJXV6C6tfeMW1iMzArE/TidjhyKieiO:fny1bstfeMQiMzArE7idjhyKieiO

Score
9/10
discoveryransomwareupx

Malware Config

Targets

    • Target

      98b59a3f11b44be0564784f665cd1280N.exe

    • Size

      127KB

    • MD5

      98b59a3f11b44be0564784f665cd1280

    • SHA1

      a9ae94ac38e8796ecc1925a302007544cd7f4832

    • SHA256

      797fcde04b7727c458c2b051449b8c1583385d113e3d05de3d06af1c3c98a9cb

    • SHA512

      c725a4a83562ad24e0f9b6dded9ca816a7aecdfdeee6f60fce1d6166ea517122281e7c8750c1ae0c82dc4e934579bcf3fdefa7a73b7c11b878488ec33a4bbffe

    • SSDEEP

      1536:V7Zf/FAxTWoJJXV6C6tfeMW1iMzArE/TidjhyKieiO:fny1bstfeMQiMzArE7idjhyKieiO

    Score
    9/10
    discoveryransomwareupx

    • Renames multiple (235) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

      ransomware

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1
T1614

System Language Discovery

1
T1614.001

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks