General

  • Target

    3449df1ccecbe741ba619085b8e965fa21af2ddb73e887b273b8d74760c48dc4N

  • Size

    142KB

  • Sample

    240918-lag6nsshqa

  • MD5

    48f80a0e5463daa0d4c578d7dc5b8f60

  • SHA1

    fcbc25f4c649551f57e5ccea4410e2b99619ca1a

  • SHA256

    3449df1ccecbe741ba619085b8e965fa21af2ddb73e887b273b8d74760c48dc4

  • SHA512

    f29dd7e3312cdb7c8f8b6a29abb8b04fd7a1991e874396c3757a58712c512a26b46abbdd46e3925c0afa36604c69189d4061b329646f4da8772bd38fa3ca2ebd

  • SSDEEP

    1536:CTWn1++PJHJXA/OsIZfzc3/Q8asUsJOLKc/xJtLJtTGl03TWn1++PJHJXA/OsIZi:KQSohsUsUK90TQSohsUsUK90I

Targets

    • Renames multiple (4180) files with added filename extension

      This suggests ransomware activity: encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the UPX or a modified UPX open-source packer.

    • Drops file in System32 directory
