General

  • Target

    3fa73a3e39dcf2a923f064c7cffba1b96b1031c5b71578692f2dd7eb52cd81b1

  • Size

    117KB

  • Sample

    240901-1bx1vasgrc

  • MD5

    baa5ddf29fa1a3bee383ad6d001c6144

  • SHA1

    62fcace101f7ee7f38716936b98677e0cbd03e47

  • SHA256

    3fa73a3e39dcf2a923f064c7cffba1b96b1031c5b71578692f2dd7eb52cd81b1

  • SHA512

    9366028f6ec53d6b32fc618cc50852e4bd2990819a06f44b052c722105d49ec6ffd54137b20b50726ae7c6c766b8f605ea15edcd559dca35ac44fd4ee61ce1e0

  • SSDEEP

    1536:V7Zf/FAxTWoJJ7TTQoQr7Zf/FAxTWoJJ7TTQoQ0:fny1oRJny1oR0

Malware Config

Targets

    • Target

      3fa73a3e39dcf2a923f064c7cffba1b96b1031c5b71578692f2dd7eb52cd81b1


    • Renames multiple (4319) files with added filename extension

      Renaming thousands of files by appending an extension is characteristic of ransomware that encrypts the victim's files in place and marks each one as encrypted.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX or a modified build of the open-source UPX packer.

    • Drops file in System32 directory
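
The "renames multiple files with added filename extension" signature above is the most telling behaviour in this report. The following is an added example, not code from the report or the sandbox, showing how that rule can be reproduced over file-system events: a rename counts only when the new name is exactly the old name plus one appended extension, so an extension that is merely replaced or a file that is moved does not count. The event line format and the threshold are assumptions for the example; the report's own count of 4319 renames is far beyond any sane threshold.

```python
import re
from collections import Counter

# Constructed sample of sandbox file-system events (not taken from the report).
# The "rename OLD -> NEW" line format is an assumption for this example.
SAMPLE_EVENTS = r"""
rename C:\Users\victim\Documents\budget.xlsx -> C:\Users\victim\Documents\budget.xlsx.locked
rename C:\Users\victim\Documents\notes.txt -> C:\Users\victim\Documents\notes.txt.locked
rename C:\Users\victim\Pictures\cat.jpg -> C:\Users\victim\Pictures\cat.jpg.locked
rename C:\Users\victim\Downloads\report.tmp -> C:\Users\victim\Downloads\report.pdf
write C:\Users\victim\Desktop\README_TO_DECRYPT.txt
rename C:\Windows\Temp\~df1234.tmp -> C:\Windows\Temp\setup.log
""".strip().splitlines()

RENAME_RE = re.compile(r"^rename\s+(?P<old>.+?)\s+->\s+(?P<new>.+)$")


def added_extension(old: str, new: str):
    """Return the extension appended to OLD to produce NEW, or None.

    A rename counts only when NEW is exactly OLD + "." + <ext> and <ext>
    contains no path separator or further dot. So "a.tmp -> a.pdf"
    (extension replaced) and "a.txt -> sub\a.txt" (moved) do not match.
    """
    if not new.startswith(old + "."):
        return None
    ext = new[len(old) + 1:]
    if not ext or any(c in ext for c in "\\/."):
        return None
    return ext


def extension_renames(events):
    """Yield (old, new, ext) for every rename that only appended an extension."""
    hits = []
    for line in events:
        m = RENAME_RE.match(line.strip())
        if not m:
            continue  # writes, deletes, unparsable lines
        ext = added_extension(m["old"], m["new"])
        if ext is not None:
            hits.append((m["old"], m["new"], ext))
    return hits


def assess(events, threshold=100):
    """Summarise extension-appending renames and flag ransomware-like volume.

    threshold is an assumed tuning value; the sandbox's own cut-off is not
    stated in the report.
    """
    hits = extension_renames(events)
    by_ext = Counter(ext for _, _, ext in hits)
    return {
        "renamed_with_added_extension": len(hits),
        "extensions": dict(by_ext),
        "ransomware_like": len(hits) >= threshold,
    }


if __name__ == "__main__":
    # Low threshold so the six-line constructed sample trips the rule.
    print(assess(SAMPLE_EVENTS, threshold=3))
```

Counting the distinct appended extensions is worth keeping: a single extension applied to thousands of files is the ransomware pattern, whereas an installer or build tool that renames many files tends to produce several different extensions and replaces rather than appends them.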

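The "UPX packed file" signature above can be approximated from the PE section table: stock UPX names its sections UPX0/UPX1 and writes a "UPX!" magic into its own header inside the packed image. The code below is an added example, not the sandbox's detector or UPX's own code; it parses the COFF header and section table by hand and, because no sample is embedded here, builds a constructed minimal PE to run against. The caveat a practitioner wants: a modified UPX build can rename the sections and strip the "UPX!" marker, so this check yields false negatives and should be backed by section-entropy or unpacking attempts in a real pipeline.

```python
import struct

UPX_SECTION_NAMES = {b"UPX0", b"UPX1", b"UPX2"}


def build_minimal_pe(section_names):
    """Construct a minimal, non-executable PE image with the given section names.

    Only the fields the detector reads are meaningful; everything else is zero.
    This exists solely to produce constructed test input for this example.
    """
    e_lfanew = 0x40
    dos = b"MZ" + b"\x00" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    size_of_optional = 0xE0  # PE32 optional header size
    # Machine, NumberOfSections, TimeDateStamp, PointerToSymbolTable,
    # NumberOfSymbols, SizeOfOptionalHeader, Characteristics
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0,
                       size_of_optional, 0x0102)
    optional = struct.pack("<H", 0x10B) + b"\x00" * (size_of_optional - 2)
    sections = b"".join(name.ljust(8, b"\x00") + b"\x00" * 32
                        for name in section_names)  # 40-byte IMAGE_SECTION_HEADER
    return dos + b"PE\x00\x00" + coff + optional + sections


def pe_section_names(data):
    """Walk DOS header -> PE signature -> COFF header -> section table."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not a PE file")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\x00\x00":
        raise ValueError("bad PE signature")
    coff = e_lfanew + 4
    (n_sections,) = struct.unpack_from("<H", data, coff + 2)
    (opt_size,) = struct.unpack_from("<H", data, coff + 16)
    table = coff + 20 + opt_size
    names = []
    for i in range(n_sections):
        raw = data[table + 40 * i:table + 40 * i + 8]
        if len(raw) < 8:
            raise ValueError("truncated section table")
        names.append(raw.rstrip(b"\x00"))
    return names


def looks_upx_packed(data):
    """Report the two cheap UPX indicators: section names and the UPX! magic."""
    names = pe_section_names(data)
    by_name = any(n in UPX_SECTION_NAMES for n in names)
    marker = b"UPX!" in data
    return {
        "sections": [n.decode("latin-1") for n in names],
        "upx_section_names": by_name,
        "upx_marker": marker,
        "packed": by_name or marker,
    }


if __name__ == "__main__":
    packed = build_minimal_pe([b"UPX0", b"UPX1", b".rsrc"])
    clean = build_minimal_pe([b".text", b".rdata", b".data"])
    print(looks_upx_packed(packed))
    print(looks_upx_packed(clean))
```

Run it against the real sample by passing `open(path, "rb").read()` to `looks_upx_packed`; a result where both indicators are false on a file the sandbox still flagged as UPX-packed is exactly the "modified UPX" case the signature text mentions.
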
MITRE ATT&CK Enterprise v15

Tasks