General

  • Target

    9994737a8c6561d4c0535f8733a6867b322edc7280d6a6f5d12d341a1f257cb0N

  • Size

    64KB

  • Sample

    240919-d6hhbayfqb

  • MD5

    bbaa5083ef0481ca7d906833eeef3580

  • SHA1

    0c7a48ea03b4437ac53d00bdec7029a30d35ae24

  • SHA256

    9994737a8c6561d4c0535f8733a6867b322edc7280d6a6f5d12d341a1f257cb0

  • SHA512

    f70585277f2f23280b840f2a52dbb64d9e6d086fe2f273c0c7cab4e6436ed96e967e38552ac26e783ad5085d23d4f0d40b3caa9cf324aeb4f68107bcc2c2363d

  • SSDEEP

    1536:CTW7JJZENTNyl2Sm0mHTW7JJZENTNyl2Sm0mO:htE42etE42s

Malware Config

Targets

    • Renames multiple (3576) files with added filename extension

      This suggests ransomware activity: the sample is encrypting files across the system and appending an extension to each one.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks