54d557c03a5d8bb1c3152cd6ba6c2833841189a7497119583ebf0d79004a4b10 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

7

54d557c03a...10.exe

windows7-x64

9

54d557c03a...10.exe

windows10-2004-x64

9

Sharing

General

Target

54d557c03a5d8bb1c3152cd6ba6c2833841189a7497119583ebf0d79004a4b10
Size

54KB
Sample

240807-1stdzsvcqj
MD5

c66cd31a6f2e9e9092a5bd952384128a
SHA1

7288bed0fa71499fbc62b8eeffa14644218dd497
SHA256

54d557c03a5d8bb1c3152cd6ba6c2833841189a7497119583ebf0d79004a4b10
SHA512

b7f297fe538feda180886968df1ca0329b1bd6960e308097807faffd689441dcd117399dfd18687c3c2a53c0f87be0345e0e43fa7bba581a56abc6cce7a2b292
SSDEEP

768:kBT37CPKKdJJcbQbf1Oti1JGBQOOiQJhATNyQY8BT37CPKKdJJcbQbf1Oti1JGBZ:CTW7JJZENTNyQYaTW7JJZENTNyQYw1tR

Score

9^/10

discovery ransomware upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

54d557c03a5d8bb1c3152cd6ba6c2833841189a7497119583ebf0d79004a4b10.exe

Resource

win7-20240704-en

discovery ransomware upx

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

54d557c03a5d8bb1c3152cd6ba6c2833841189a7497119583ebf0d79004a4b10.exe

Resource

win10v2004-20240802-en

discovery ransomware upx

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  54d557c03a5d8bb1c3152cd6ba6c2833841189a7497119583ebf0d79004a4b10
- Size
  
  54KB
- MD5
  
  c66cd31a6f2e9e9092a5bd952384128a
- SHA1
  
  7288bed0fa71499fbc62b8eeffa14644218dd497
- SHA256
  
  54d557c03a5d8bb1c3152cd6ba6c2833841189a7497119583ebf0d79004a4b10
- SHA512
  
  b7f297fe538feda180886968df1ca0329b1bd6960e308097807faffd689441dcd117399dfd18687c3c2a53c0f87be0345e0e43fa7bba581a56abc6cce7a2b292
- SSDEEP
  
  768:kBT37CPKKdJJcbQbf1Oti1JGBQOOiQJhATNyQY8BT37CPKKdJJcbQbf1Oti1JGBZ:CTW7JJZENTNyQYaTW7JJZENTNyQYw1tR
Score

9^/10

discovery ransomware upx
- Renames multiple (1587) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomwareupx

behavioral2

discoveryransomwareupx

© 2018-2025

Terms | Privacy