Overview

overview

9

Static

static

7

98fe21f05f...0N.exe

windows7-x64

9

98fe21f05f...0N.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    98fe21f05fc90b84278d283b41878ee0N.exe

  • Size

    103KB

  • Sample

    240727-f66w1ssfja

  • MD5

    98fe21f05fc90b84278d283b41878ee0

  • SHA1

    1645fc77f682d61563eaa4d634b0672e6bd59cac

  • SHA256

    2089d93002edc9d9947b6827d0d1dd0f361fe752bde91629de52f8a7c73e563d

  • SHA512

    35cc41581d8e0a98189e3482b70e07681ecb57a20ecb9bfcb6c73c01f60346b5c714015557c7f7cac79c3f2b9982e834a905a1e4b65dd237f638527e085a1db3

  • SSDEEP

    1536:CTWn1++PJHJXA/OsIZfzc3/Q8zxxTWn1++PJHJXA/OsIZfzc3/Q8zxI:KQSoYQSox

Score
9/10
discoveryransomwareupx

Malware Config

Targets

    • Target

      98fe21f05fc90b84278d283b41878ee0N.exe

    • Size

      103KB

    • MD5

      98fe21f05fc90b84278d283b41878ee0

    • SHA1

      1645fc77f682d61563eaa4d634b0672e6bd59cac

    • SHA256

      2089d93002edc9d9947b6827d0d1dd0f361fe752bde91629de52f8a7c73e563d

    • SHA512

      35cc41581d8e0a98189e3482b70e07681ecb57a20ecb9bfcb6c73c01f60346b5c714015557c7f7cac79c3f2b9982e834a905a1e4b65dd237f638527e085a1db3

    • SSDEEP

      1536:CTWn1++PJHJXA/OsIZfzc3/Q8zxxTWn1++PJHJXA/OsIZfzc3/Q8zxI:KQSoYQSox

    Score
    9/10
    discoveryransomwareupx

    • Renames multiple (2338) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

      ransomware

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks