General

  • Target

    c9df0878846a9d14f22fcc179012e220N.exe

  • Size

    113KB

  • Sample

    240805-yhq5rszfnf

  • MD5

    c9df0878846a9d14f22fcc179012e220

  • SHA1

    b9b8ac82eac740b2a7be6b4872dbef29cd6c7079

  • SHA256

    0d54126023f6f1ec0fb161e1cdf629333b079572026d06cd212c7117dfc73aa3

  • SHA512

    927f1a0e226097bc8c5f297d7c093687a078ca5f203236f3802ce07e524b525578784b6d83da1de299056e2989fba3b722a979fda5b4a9d2a565be882c0a9918

  • SSDEEP

    1536:V7Zf/FAxTWoJJXV6T6ybB7Zf/FAxTWoJJXV6T6yb+59:fny1bmny1bT59

Malware Config

Targets

    • Renames multiple (4301) files with added filename extension

      This suggests ransomware activity: the sample encrypts files across the system and appends an extension to each renamed file.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified variant of it.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks