General

  • Target

    99562755401fa4f4cf5c877914b610bb251b83f93d4e26e565832716c140a096

  • Size

    82KB

  • Sample

    240913-nrywvszepf

  • MD5

    1ad2240c4534cb6ed5a67e13ef4600dd

  • SHA1

    4af5084fc96d611344dcaa913ad33c75737f2524

  • SHA256

    99562755401fa4f4cf5c877914b610bb251b83f93d4e26e565832716c140a096

  • SHA512

    12c31b0dcce8498efaaf22c91dbe172d4a2692e87f240c766af004c53d9ceb772870865fe860a379e1b5b70732250c143c83927f728cbaae13fb14757cc55bf8

  • SSDEEP

    1536:CTWkySSh9j+9jpGnYTWkySSh9j+9jpGn5wf:aySSh9j+9jUnIySSh9j+9jUn5wf

Malware Config

Targets

    • Renames multiple (5099) files with added filename extension

      This suggests ransomware activity, i.e. encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified UPX variant.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks