General

  • Target

    c0aade4460a478c04e5f7300a77309a60c1b95a9135d81d9855a705a8d7ebabbN

  • Size

    57KB

  • Sample

    240921-yxl5cs1dpr

  • MD5

    4a0409a6f11344560ce6c92421f07f00

  • SHA1

    f0fdb6848140e868bb0fd6b8e0199a76cfc292e6

  • SHA256

    c0aade4460a478c04e5f7300a77309a60c1b95a9135d81d9855a705a8d7ebabb

  • SHA512

    48b8894945392241aff63e97a0cec6c0839df8b630fd6dd05567cd1e9c916e9b09066ecfe7f067901bc1582f1972eb6d9bd72806117417062e2a1f8b273c1687

  • SSDEEP

    768:kBT37CPKKdJJ1EXBwzEXBwdcMcI9HF/MF/NBT37CPKKdJJ1EXBwzEXBwdcMcI9H8:CTW7JJ7Tj2nTW7JJ7Tj2B

Targets

    • Renames multiple (3551) files with added filename extension

      This suggests ransomware activity: encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
