abf9e78f9f50b3055eee3810cda0ba7ed95ffc9e2174eb74629920ce5ff4c08c | Triage

Submit
Reports

Overview

overview

9

Static

static

7

205b2a2da3...0N.exe

windows7-x64

9

205b2a2da3...0N.exe

windows10-2004-x64

9

Sharing

Copy URL Twitter E-mail

General

Target

205b2a2da30bcd59ed423332c7ce9950N.exe
Size

115KB
Sample

240829-a848bavgpc
MD5

205b2a2da30bcd59ed423332c7ce9950
SHA1

3c4d630db8de76d63ddbff633f51e7191efb2371
SHA256

abf9e78f9f50b3055eee3810cda0ba7ed95ffc9e2174eb74629920ce5ff4c08c
SHA512

8a05253a4af6a90187e0ea7aba099ddb7089f3746bc18041921f548a7d67194e3443e24f8117e9d3b12dd2bebe4cc3f1a21c2259641c6e7d5c951552a426369e
SSDEEP

1536:CTWn1++PJHJXA/OsIZfzc3/Q8zxtTWn1++PJHJXA/OsIZfzc3/Q8zxSWN:KQSokQSoVWN

Score

9^/10

discovery ransomware upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

205b2a2da30bcd59ed423332c7ce9950N.exe

Resource

win7-20240705-en

discovery ransomware upx

windows7-x64

8 signatures

120 seconds

Behavioral task

behavioral2

Sample

205b2a2da30bcd59ed423332c7ce9950N.exe

Resource

win10v2004-20240802-en

discovery ransomware upx

windows10-2004-x64

7 signatures

120 seconds

Malware Config

Targets

- Target
  
  205b2a2da30bcd59ed423332c7ce9950N.exe
- Size
  
  115KB
- MD5
  
  205b2a2da30bcd59ed423332c7ce9950
- SHA1
  
  3c4d630db8de76d63ddbff633f51e7191efb2371
- SHA256
  
  abf9e78f9f50b3055eee3810cda0ba7ed95ffc9e2174eb74629920ce5ff4c08c
- SHA512
  
  8a05253a4af6a90187e0ea7aba099ddb7089f3746bc18041921f548a7d67194e3443e24f8117e9d3b12dd2bebe4cc3f1a21c2259641c6e7d5c951552a426369e
- SSDEEP
  
  1536:CTWn1++PJHJXA/OsIZfzc3/Q8zxtTWn1++PJHJXA/OsIZfzc3/Q8zxSWN:KQSokQSoVWN
Score

9^/10

discovery ransomware upx
- Renames multiple (4640) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomwareupx

behavioral2

discoveryransomwareupx

© 2018-2025

Terms | Privacy