General

  • Target

    688e50c1be9526737d78a33b75503d70N.exe

  • Size

    110KB

  • Sample

    240825-pnsq4swbkp

  • MD5

    688e50c1be9526737d78a33b75503d70

  • SHA1

    f1c35af762c9cec624f1a93f6c6bfd5f6b10878a

  • SHA256

    fbe87b7662632543000ddcb55a41834497118765b59f6f0b0ff1b8b41d4e0c2b

  • SHA512

    52f38f133d41a6b9fe6e83d0703244fd181c7f2cb4d4ea2795dcbbee367faf890266b6e2161461212a2b2b339293483ceecd981a5c4cad1c4f2dc0bb87dc7162

  • SSDEEP

    1536:CTWn1++PJHJXA/OsIZfzc3/Q8IZTOTWn1++PJHJXA/OsIZfzc3/Q8IZTL:KQSo7ZKQSo7ZX

Targets

    • Target

      688e50c1be9526737d78a33b75503d70N.exe

    • Renames multiple (4302) files with added filename extension

      This suggests ransomware activity: the sample is encrypting files across the system and appending an extension to each one.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified version of it.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15
