ad3a864cb18f75cfb624a51b941c0b362ad54879715c33098f5b21a3246b2576 | Triage

Submit
Reports

Overview

overview

9

Static

static

7

ad3a864cb1...6N.exe

windows7-x64

9

ad3a864cb1...6N.exe

windows10-2004-x64

9

Sharing

General

Target

ad3a864cb18f75cfb624a51b941c0b362ad54879715c33098f5b21a3246b2576N
Size

96KB
Sample

240919-hw8zqswfjf
MD5

4b2ac7022862e2541ba18865bff45070
SHA1

d7ea5078c63076f7cc2eb6723ede33b486f981e4
SHA256

ad3a864cb18f75cfb624a51b941c0b362ad54879715c33098f5b21a3246b2576
SHA512

3f2bd8938f33c306e93108d7b6c48346a263a454bf8cf1df950455fd8d401c9c05fd1c42104f5c89a4b9a0053b9e37a47a22fcd1a415166741213f0377037a1b
SSDEEP

3072:aySSh9j+9jUnbkNkWySSh9j+9jUnbkNkx:aySSBn4+WySSBn4+x

Score

9^/10

discovery ransomware upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

ad3a864cb18f75cfb624a51b941c0b362ad54879715c33098f5b21a3246b2576N.exe

Resource

win7-20240704-en

discovery ransomware upx

windows7-x64

8 signatures

120 seconds

Behavioral task

behavioral2

Sample

ad3a864cb18f75cfb624a51b941c0b362ad54879715c33098f5b21a3246b2576N.exe

Resource

win10v2004-20240802-en

discovery ransomware upx

windows10-2004-x64

7 signatures

120 seconds

Malware Config

Targets

- Target
  
  ad3a864cb18f75cfb624a51b941c0b362ad54879715c33098f5b21a3246b2576N
- Size
  
  96KB
- MD5
  
  4b2ac7022862e2541ba18865bff45070
- SHA1
  
  d7ea5078c63076f7cc2eb6723ede33b486f981e4
- SHA256
  
  ad3a864cb18f75cfb624a51b941c0b362ad54879715c33098f5b21a3246b2576
- SHA512
  
  3f2bd8938f33c306e93108d7b6c48346a263a454bf8cf1df950455fd8d401c9c05fd1c42104f5c89a4b9a0053b9e37a47a22fcd1a415166741213f0377037a1b
- SSDEEP
  
  3072:aySSh9j+9jUnbkNkWySSh9j+9jUnbkNkx:aySSBn4+WySSBn4+x
Score

9^/10

discovery ransomware upx
- Renames multiple (4225) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomwareupx

behavioral2

discoveryransomwareupx

© 2018-2025

Terms | Privacy