General

  • Target

    317e74aaf9712e5951ab220526681ad0N.exe

  • Size

    269KB

  • Sample

    240806-a2jb9stenl

  • MD5

    317e74aaf9712e5951ab220526681ad0

  • SHA1

    b1e50bbd5d0e76a905cdb4ae352cbf41a71fe143

  • SHA256

    a559bc87aeecbd42f6b27abe4810bedf9432248105c512bf66819837204bf656

  • SHA512

    af04903ef9460027eaaba9a3961b04ba0a5f4c3cf61cd4242b65aea2887bf5d0061e4cc15c28519d63b8a1b37bb6e24d3edcf8f58545480f9c5a3e0616f9f1ab

  • SSDEEP

    6144:JmCAIuZAIuDMVtM/VmCAIuZAIuDMVtM/d:7AIuZAIuOCAIuZAIuOe

Targets

    • Target

      317e74aaf9712e5951ab220526681ad0N.exe

    • Size

      269KB

    • Renames multiple (2900) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
