General

  • Target

    256b787ddf4bd4ddc3355c3bee5c2ff6440ea50816fd5f6101c47cd75b1d9d25

  • Size

    89KB

  • Sample

    240807-ymvnratakr

  • MD5

    31bc9f1f04fa3ebc520e8c8f25406a53

  • SHA1

    0d7cd94aab44b55927eee1093d41e9f098ffa46b

  • SHA256

    256b787ddf4bd4ddc3355c3bee5c2ff6440ea50816fd5f6101c47cd75b1d9d25

  • SHA512

    88715447768b518b057b675a4bafc7cc284a66bc48e49323ff85ebd6bb2d1f987939e9544122d05b3e12d564a84eb52d47dda4947c7bf3d5f97cbca125a40663

  • SSDEEP

    1536:V7Zf/FAxTWoJJZENTBD7Zf/FAxTWoJJZENTBY:fny1tEZny1tEA

Malware Config

Targets

    • Target

      256b787ddf4bd4ddc3355c3bee5c2ff6440ea50816fd5f6101c47cd75b1d9d25

    • Renames multiple (4834) files with added filename extension

      This suggests ransomware activity: files across the system are being encrypted, with a new extension appended to each one.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      The executable is packed with UPX or a modified build of the open-source UPX packer, so the strings and imports visible on disk do not reflect the unpacked code.

    • Drops file in System32 directory
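
As an added example (not part of the sandbox report and not the sample's own code), the script below implements lightweight checks for two of the signatures listed above: a minimal PE section-table walk that looks for the UPX0/UPX1 section names and the "UPX!" pack-header marker, and a rename-log heuristic that flags a process appending the same extension to many files. The PE blob and the rename events are constructed inputs, and the threshold of 50 renames is an assumption rather than the sandbox's own rule.

```python
import struct
from collections import Counter
from typing import List, Tuple


def pe_section_names(pe_bytes: bytes) -> List[str]:
    """Walk DOS header -> PE signature -> COFF header -> section table and
    return the section names. Only the fields needed for that walk are
    parsed; the optional header is skipped via SizeOfOptionalHeader."""
    if pe_bytes[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    (e_lfanew,) = struct.unpack_from("<I", pe_bytes, 0x3C)
    if pe_bytes[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    coff = e_lfanew + 4
    (num_sections,) = struct.unpack_from("<H", pe_bytes, coff + 2)
    (opt_size,) = struct.unpack_from("<H", pe_bytes, coff + 16)
    table = coff + 20 + opt_size
    names = []
    for i in range(num_sections):
        raw = pe_bytes[table + 40 * i: table + 40 * i + 8]
        names.append(raw.rstrip(b"\0").decode("ascii", "replace"))
    return names


def looks_upx_packed(pe_bytes: bytes) -> bool:
    """UPX leaves two tell-tales: UPX0/UPX1 section names and a 'UPX!'
    marker in its pack header. A modified UPX build often renames the
    sections or patches the marker, so a negative result is not proof."""
    names = set(pe_section_names(pe_bytes))
    return bool(names & {"UPX0", "UPX1"}) or b"UPX!" in pe_bytes


def build_fake_pe(section_names: List[str]) -> bytes:
    """Constructed PE-shaped blob for exercising the parser; it is not
    loadable and contains no code. SizeOfOptionalHeader is set to 0."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)  # e_lfanew: PE header right after DOS stub
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, 0, 0x0102)
    table = b"".join(n.encode("ascii").ljust(8, b"\0") + b"\0" * 32
                     for n in section_names)
    return bytes(dos) + b"PE\0\0" + coff + table


def mass_extension_append(renames: List[Tuple[str, str]],
                          threshold: int = 50) -> Tuple[bool, str, int]:
    """Given (old_path, new_path) rename events from one process, count how
    often the new name is the old name plus a dotted suffix. Returns
    (flagged, most_common_suffix, count). The threshold is an assumption."""
    added = Counter()
    for old, new in renames:
        if new.startswith(old) and len(new) > len(old):
            suffix = new[len(old):]
            if suffix.startswith("."):
                added[suffix] += 1
    if not added:
        return (False, "", 0)
    suffix, count = added.most_common(1)[0]
    return (count >= threshold, suffix, count)


# Constructed rename log: 120 documents gain ".locked", plus two benign renames.
SAMPLE_RENAMES = [
    (r"C:\Users\victim\Documents\report%d.docx" % i,
     r"C:\Users\victim\Documents\report%d.docx.locked" % i)
    for i in range(120)
] + [
    (r"C:\Temp\build.tmp", r"C:\Temp\build.txt"),
    (r"C:\Temp\notes.txt", r"C:\Temp\notes.bak"),
]

if __name__ == "__main__":
    packed = build_fake_pe(["UPX0", "UPX1", ".rsrc"])
    plain = build_fake_pe([".text", ".data", ".rsrc"])
    print("packed:", pe_section_names(packed), "upx:", looks_upx_packed(packed))
    print("plain:", pe_section_names(plain), "upx:", looks_upx_packed(plain))
    print("rename heuristic:", mass_extension_append(SAMPLE_RENAMES))
```

Both checks are deliberately coarse: the section-name test misses packers that rename UPX0/UPX1, and the rename heuristic only catches the "append an extension" pattern, not ransomware that rewrites files in place or renames them to random names, so they are triage aids to confirm a sandbox verdict rather than replacements for it.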

MITRE ATT&CK Enterprise v15

Tasks