General

  • Target

    e491a8bf784895903565f0549781663179ee98f009410d933ecde6cc7e68b452N

  • Size

    72KB

  • Sample

    240919-hdz9wawapm

  • MD5

    0b9e1ed6f0fe7ab0c04df930f62a0480

  • SHA1

    385bd4ce129ff9f1369a147cb1466759cbea0c44

  • SHA256

    e491a8bf784895903565f0549781663179ee98f009410d933ecde6cc7e68b452

  • SHA512

    4a5bd74885680e43c130ccac8882bccdf00255ec69eab9de4701599f9bd10accfda310629913c7f0f8f3589e37eb8507c3013778b84b2f5e4485036fa7969eaf

  • SSDEEP

    768:kBT37CPKKdJJcbQbf1Oti1JGBQOOiQJhATBaMYhOzBxBT37CPKKdJJcbQbf1OtiA:CTW7JJZENTBTYhQbTW7JJZENTBTYhQB

Malware Config

Targets

    • Target

      e491a8bf784895903565f0549781663179ee98f009410d933ecde6cc7e68b452N

    • Renames multiple (3671) files with an added filename extension

      This suggests ransomware activity: encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX or a modified build of the UPX open-source packer.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks