General

  • Target

    9f2511ba1fd10d8ecf1d3bc6f294da8bb4e43161253346a9b5909e34205b1237

  • Size

    89KB

  • Sample

    240902-b7wp8ayhpa

  • MD5

    66eac33ff67a02d384004a669434362a

  • SHA1

    b822befe0c3739c5f546965934f28e4d6de8927b

  • SHA256

    9f2511ba1fd10d8ecf1d3bc6f294da8bb4e43161253346a9b5909e34205b1237

  • SHA512

    d763393380891a1346e68a8e2ad37ee0f5e5306dca8eb2e23340730574bcfcca51c9cf55c105271de3363a3bbb31283e2a85196029aa54e5e9f7e05e25093d72

  • SSDEEP

    1536:CTW7JJ7TTQoQWkjkBTW7JJ7TTQoQWkjkxyKoIWbsHfySkT5GeCyi348oWGRPOzki:hoRVAKoRVAxyKoIWbsHfySkT5GeCyi3l

Malware Config

Targets

    • Target

      9f2511ba1fd10d8ecf1d3bc6f294da8bb4e43161253346a9b5909e34205b1237

    • Renames multiple (4401) files with added filename extension

      This suggests ransomware activity: files across the system are being encrypted, with a new extension appended to each encrypted file.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX or with a modified build of the UPX open-source packer.

    • Drops file in System32 directory
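The two signatures above that come with a description, "UPX packed file" and "Renames multiple files with added filename extension", can be re-implemented as simple checks. The block below is an added example written for this report, not Triage's own signature code: it parses the PE section table of a constructed minimal image to look for UPX0/UPX1 section names or the "UPX!" marker, and it groups constructed file-rename events by the extension they append so that a burst of one extension (threshold is an assumed parameter; the report counted 4401 renames) is flagged the way the ransomware heuristic describes.

```python
"""Added example for this report: re-implementations of two of the
signatures listed above ('UPX packed file' and 'Renames multiple files with
added filename extension'). This is not Triage's own signature code; the
PE image and the rename events are constructed inline so it runs offline."""
from __future__ import annotations

import struct
from collections import Counter
from pathlib import PureWindowsPath

UPX_SECTION_NAMES = {b"UPX0", b"UPX1", b"UPX2"}


def pe_section_names(data: bytes) -> list[bytes]:
    """Walk DOS header -> PE signature -> COFF header -> section table and
    return the NUL-trimmed section names; [] if this is not a PE image."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return []
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return []
    coff = e_lfanew + 4                       # 20-byte COFF file header
    num_sections = struct.unpack_from("<H", data, coff + 2)[0]
    opt_size = struct.unpack_from("<H", data, coff + 16)[0]
    table = coff + 20 + opt_size              # section table follows the optional header
    names = []
    for i in range(num_sections):
        off = table + i * 40                  # IMAGE_SECTION_HEADER is 40 bytes
        if off + 40 > len(data):
            break
        names.append(data[off:off + 8].rstrip(b"\0"))
    return names


def looks_upx_packed(data: bytes) -> bool:
    """Stock UPX names its sections UPX0/UPX1(/UPX2); modified builds often
    rename them but usually leave the 'UPX!' marker, so both are checked."""
    return bool(set(pe_section_names(data)) & UPX_SECTION_NAMES) or b"UPX!" in data


def build_pe(section_names: list[bytes], opt_size: int = 0xE0) -> bytes:
    """Constructed minimal PE header (not loadable, only parseable)."""
    e_lfanew = 0x80
    dos = (b"MZ" + b"\0" * 0x3A + struct.pack("<I", e_lfanew)).ljust(e_lfanew, b"\0")
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, opt_size, 0x102)
    sections = b"".join(n.ljust(8, b"\0") + b"\0" * 32 for n in section_names)
    return dos + b"PE\0\0" + coff + b"\0" * opt_size + sections


def appended_extension(old: str, new: str) -> str | None:
    """Return the extension a rename appended (report.docx -> report.docx.locked
    gives '.locked'); None for any other kind of rename."""
    o, n = PureWindowsPath(old), PureWindowsPath(new)
    if o.parent != n.parent or not n.name.startswith(o.name + "."):
        return None
    ext = n.name[len(o.name):]
    return ext if len(ext) > 1 and ext.count(".") == 1 else None


def rename_burst(events: list[tuple[str, str]], threshold: int = 50) -> dict[str, int]:
    """Group rename events by appended extension and return those that reach
    the threshold: the same extension appended to many files is the pattern
    the 'Renames multiple files' signature describes. The threshold of 50 is
    an assumption for this example; the report above counted 4401 renames."""
    counts: Counter[str] = Counter()
    for old, new in events:
        ext = appended_extension(old, new)
        if ext:
            counts[ext.lower()] += 1
    return {ext: n for ext, n in counts.items() if n >= threshold}


# Constructed sample inputs (not taken from the analysed sample).
PACKED = build_pe([b"UPX0", b"UPX1", b".rsrc"])
PLAIN = build_pe([b".text", b".rdata", b".data", b".rsrc"])
EVENTS = [(f"C:\\Users\\u\\Documents\\file{i}.docx",
           f"C:\\Users\\u\\Documents\\file{i}.docx.locked") for i in range(60)]
EVENTS += [("C:\\Users\\u\\notes.txt", "C:\\Users\\u\\notes.txt.bak"),     # benign backup
           ("C:\\Users\\u\\draft.tmp", "C:\\Users\\u\\draft.docx"),        # extension replaced, not appended
           ("C:\\Users\\u\\a.docx", "C:\\Users\\u\\old\\a.docx.locked")]   # moved, not counted

if __name__ == "__main__":
    print("packed sample UPX:", looks_upx_packed(PACKED))   # True
    print("plain sample UPX:", looks_upx_packed(PLAIN))     # False
    print("rename burst:", rename_burst(EVENTS))            # {'.locked': 60}
```

The section-name check alone is easy to evade (a modified packer can rename UPX0/UPX1, which is why the signature says "UPX/modified UPX"), so the "UPX!" marker is tested as well; a packed sample that passes both checks still deserves a look at its entropy and entry-point section. The rename heuristic deliberately ignores renames that move a file to another directory or replace the extension, which keeps ordinary editor and backup behaviour below the threshold.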

MITRE ATT&CK Enterprise v15

Tasks