General

  • Target

    cb79b3b0ea89dea427d946c58f270ea0N.exe

  • Size

    195KB

  • Sample

    240814-cx7keazdpj

  • MD5

    cb79b3b0ea89dea427d946c58f270ea0

  • SHA1

    c4c8d5933a0b61c3ebc26b3a4cba578f3b059b45

  • SHA256

    cb92a876102c6084822772aed5eba15e4c80a4c8dd591dc81bba73c18c79d04e

  • SHA512

    8cd1b39e81d5b5f7cb2e3d05a15f87750022f0fe4b95f3d6e9048f49daf38f5dac91e5b5fc70ec879bcb3c3d84c58b9bf9bdc940fe427d6708fbecbcb937aa92

  • SSDEEP

    3072:KQSokw9mHpKZNGCLOwstyhZFChcssc56FUrgxvbSD4UQrO2ZTx+:KQSo/9UpK7ShcHUaZ8

Malware Config

Targets

    • Renames multiple (3262) files with an added filename extension

      This suggests ransomware activity: encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified variant of it.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks