General

  • Target: 408417384ad643700549d33801d7b7c0N.exe

  • Size: 64KB

  • Sample: 240905-py7ysa1crl

  • MD5: 408417384ad643700549d33801d7b7c0

  • SHA1: 67af37fa372cdce3fc7cc73bf59bc4db0ba5bcaa

  • SHA256: dd610d6d37167ef9355132b91a17238f13cec8ffec96ed50c4c26b8c6afeed28

  • SHA512: 7308be3d4a6da33e7cf032d386f5ff37eb5a4cd3e69ae23d606c49edbf3c296519c4370e2050dea1e88375d7413a194affb2cf09723450fb674a03a1fc68427e

  • SSDEEP: 768:kBT37CPKKdJJ1EXBwzEXBwdcMcI97LjLNLjLzBT37CPKKdJJ1EXBwzEXBwdcMcIM:CTW7JJ7T1vJvZTW7JJ7T1vJv0

Malware Config

Targets

    • Renames multiple (5097) files with added filename extension

      This behaviour is consistent with ransomware encrypting files across the system and appending an extension to each one.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified variant of it.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks