6e90ce9865b0268e368e4dbeb0b1b8d14c36096c65d3733b4d2b6b12ad5898b8 | Triage

Submit
Reports

Overview

overview

9

Static

static

7

044916cb59...0N.exe

windows7-x64

9

044916cb59...0N.exe

windows10-2004-x64

9

Sharing

Copy URL Twitter E-mail

General

Target

044916cb5912a4af99997ab93e9c4a90N.exe
Size

485KB
Sample

240805-znsffsxhrk
MD5

044916cb5912a4af99997ab93e9c4a90
SHA1

d868476df6d8ac58281e66e7bd45d2870989405b
SHA256

6e90ce9865b0268e368e4dbeb0b1b8d14c36096c65d3733b4d2b6b12ad5898b8
SHA512

9588bc20098420cb33c6936b35a30446cae65fcc2ef2e995436716892300b44e258ddcdaed42fc2d4d33d3356f76bb0d0e41b56130f5dc4d4088c4101bb537dd
SSDEEP

6144:eYrIOXsqmWzJrdc6GJRQUWGUA9PRWLiFSbE56FORF6:+2lWRPWhA9PRWg9q

Score

9^/10

discovery ransomware upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

044916cb5912a4af99997ab93e9c4a90N.exe

Resource

win7-20240704-en

discovery ransomware upx

windows7-x64

9 signatures

120 seconds

Behavioral task

behavioral2

Sample

044916cb5912a4af99997ab93e9c4a90N.exe

Resource

win10v2004-20240802-en

discovery ransomware upx

windows10-2004-x64

8 signatures

120 seconds

Malware Config

Targets

- Target
  
  044916cb5912a4af99997ab93e9c4a90N.exe
- Size
  
  485KB
- MD5
  
  044916cb5912a4af99997ab93e9c4a90
- SHA1
  
  d868476df6d8ac58281e66e7bd45d2870989405b
- SHA256
  
  6e90ce9865b0268e368e4dbeb0b1b8d14c36096c65d3733b4d2b6b12ad5898b8
- SHA512
  
  9588bc20098420cb33c6936b35a30446cae65fcc2ef2e995436716892300b44e258ddcdaed42fc2d4d33d3356f76bb0d0e41b56130f5dc4d4088c4101bb537dd
- SSDEEP
  
  6144:eYrIOXsqmWzJrdc6GJRQUWGUA9PRWLiFSbE56FORF6:+2lWRPWhA9PRWg9q
Score

9^/10

discovery ransomware upx
- Renames multiple (3353) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomwareupx

behavioral2

discoveryransomwareupx

© 2018-2025

Terms | Privacy