General

  • Target

    da5c13f263738cf212ae52555c731900N.exe

  • Size

    290KB

  • Sample

    240806-xme3ma1bre

  • MD5

    da5c13f263738cf212ae52555c731900

  • SHA1

    c6eb53272650535cfbebc5a047ec45db04842d0f

  • SHA256

    53a145b28e590a6014f98d2d6aaf7bf2d7943271e34e6fc8f9814e8eabba103f

  • SHA512

    70eae9adb4054cbb998e55242380e4014927b1ce5e6c94ec33a59a5d370779a0ce0aaf07683108ecf35e971ec5c9d0d3f253bb1b036a41ac48da912dab9ab1d3

  • SSDEEP

    6144:KiQSoDuXuyQSoDuXuEH0iQSoDuXuyQSoDuXuEHl:VQtwQtoQtwQte

Targets

    • Renames multiple (3036) files with an added filename extension

      This suggests ransomware activity: encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
