General

  • Target

    ec2836ff41fafea2fb0a235a62d5d641c4121bc4e24548553e90e10e8f76edc3

  • Size

    212KB

  • Sample

    240925-dwadysvfnb

  • MD5

    33d6dd127231bb3963c7d19b3f2bbf87

  • SHA1

    21b1f939e079da727e3a0001e4cf454af7495640

  • SHA256

    ec2836ff41fafea2fb0a235a62d5d641c4121bc4e24548553e90e10e8f76edc3

  • SHA512

    bda0b837b1cf36812e9975e1678c9218f128a0da1b51541d326aa2defbcec8346af4dac0ade70e8fc6ad1f4a9dad770a485869606976998d93c9633b15adeadf

  • SSDEEP

    1536:V7Zf/FAxTWoJJTU3UytJfOcTW7JJTU3UytJfOO57Zf/FAxTWoJJTU3UytJfOcTWG:fny1x2ny1xruduC
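The digests and the ssdeep value listed above, as an added example that is not part of the report: a stdlib-only checker that recomputes the four digests for a file you hold locally and compares them against the report's values, and that parses the ssdeep string into its block size and two chunk hashes so you can tell in advance whether it can be scored against another ssdeep hash at all. The stand-in bytes are constructed (the 212KB sample itself is not embedded); the block-size rule is the one the reference ssdeep comparison applies.

```python
import hashlib
import hmac
import re

# Digests copied from the report's General section (hex, lower-case).
REPORT_DIGESTS = {
    "md5": "33d6dd127231bb3963c7d19b3f2bbf87",
    "sha1": "21b1f939e079da727e3a0001e4cf454af7495640",
    "sha256": "ec2836ff41fafea2fb0a235a62d5d641c4121bc4e24548553e90e10e8f76edc3",
    "sha512": "bda0b837b1cf36812e9975e1678c9218f128a0da1b51541d326aa2defbcec8346af4dac0ade70e8fc6ad1f4a9dad770a485869606976998d93c9633b15adeadf",
}
REPORT_SSDEEP = "1536:V7Zf/FAxTWoJJTU3UytJfOcTW7JJTU3UytJfOO57Zf/FAxTWoJJTU3UytJfOcTWG:fny1x2ny1xruduC"


def digests(data: bytes) -> dict:
    """Compute the four digests the report lists for an in-memory file."""
    return {name: hashlib.new(name, data).hexdigest()
            for name in ("md5", "sha1", "sha256", "sha512")}


def matches_report(data: bytes, expected: dict = REPORT_DIGESTS) -> dict:
    """Per-algorithm match against the report. Every value must be True before
    a local file is treated as this sample; one mismatch means a different file."""
    actual = digests(data)
    return {name: hmac.compare_digest(actual[name], value.lower())
            for name, value in expected.items()}


# blocksize:chunk:double_chunk, chunks are base64 alphabet, possibly empty
SSDEEP_RE = re.compile(r"^(\d+):([A-Za-z0-9+/]*):([A-Za-z0-9+/]*)$")


def parse_ssdeep(value: str):
    """Split an ssdeep string into (block_size, chunk, double_chunk)."""
    m = SSDEEP_RE.match(value)
    if not m:
        raise ValueError("not an ssdeep hash: %r" % value)
    return int(m.group(1)), m.group(2), m.group(3)


def ssdeep_comparable(a: str, b: str) -> bool:
    """ssdeep only scores two hashes whose block sizes are equal or differ by
    exactly a factor of two; the reference fuzzy_compare returns 0 otherwise.
    Checking this first avoids reading a 0 score as 'unrelated' when it really
    means 'incomparable'."""
    ba = parse_ssdeep(a)[0]
    bb = parse_ssdeep(b)[0]
    return ba == bb or ba == 2 * bb or bb == 2 * ba


if __name__ == "__main__":
    # Constructed stand-in bytes; the real 212KB sample is not embedded here.
    local = b"not the sample"
    print(matches_report(local))           # every value False: different file
    print(parse_ssdeep(REPORT_SSDEEP)[0])  # 1536
```

Feed `matches_report` the bytes of a file you pulled from a host or a quarantine store; a partial match (say MD5 and SHA1 agree but SHA256 does not) should never happen for an unmodified file and is a sign the report's values were copied wrong. For ssdeep, only hashes with block size 768, 1536 or 3072 can be scored against this sample's hash.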

Targets

    • Renames multiple (3528) files with added filename extension

      This suggests ransomware activity: encrypting files across the system and marking each one with an added extension.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with UPX or with a modified build of the UPX open-source packer.
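The two behavioural signatures above, "Renames multiple files with added filename extension" and "UPX packed file", as an added example that is not the sandbox's own detection code: a rename-burst detector run over constructed file-system rename events, and a stdlib-only walk of the PE section table that applies the UPX0/UPX1 section-name heuristic to a constructed PE header. The threshold of 3 and the fixture builder are assumptions; the sandbox's real rule set is not published on this page.

```python
import struct
from collections import Counter

# --- "Renames multiple files with added filename extension" -------------------
# Constructed rename events (old path, new path) in the shape a file-system
# monitor would emit; not taken from the sandbox run.
SAMPLE_RENAMES = [
    (r"C:\Users\a\Documents\q1.xlsx",   r"C:\Users\a\Documents\q1.xlsx.locked"),
    (r"C:\Users\a\Documents\plan.docx", r"C:\Users\a\Documents\plan.docx.locked"),
    (r"C:\Users\a\Pictures\cat.jpg",    r"C:\Users\a\Pictures\cat.jpg.locked"),
    (r"C:\Users\a\Desktop\notes.txt",   r"C:\Users\a\Desktop\notes.txt.locked"),
    (r"C:\Users\a\Desktop\draft.docx",  r"C:\Users\a\Desktop\draft_final.docx"),  # ordinary rename
    (r"C:\Users\a\Desktop\old.txt",     r"C:\Users\a\Desktop\old.txt.bak"),       # one-off backup
]


def appended_extension(old: str, new: str):
    """Return the extension if `new` is exactly `old` plus one more '.ext',
    the rename shape the signature looks for; otherwise None."""
    if new.startswith(old) and len(new) > len(old) + 1 and new[len(old)] == ".":
        ext = new[len(old):]
        if ext.count(".") == 1:
            return ext
    return None


def rename_burst(events, threshold=3):
    """Count appended extensions across rename events and return those seen at
    least `threshold` times. The sandbox's cut-off is not published; 3 is an
    assumption, and the report's 3528 hits are far above any sane threshold."""
    counts = Counter()
    for old, new in events:
        ext = appended_extension(old, new)
        if ext is not None:
            counts[ext] += 1
    return {ext: n for ext, n in counts.items() if n >= threshold}


# --- "UPX packed file" ---------------------------------------------------------
def pe_section_names(data: bytes) -> list:
    """Walk the PE section table with the stdlib only: MZ -> e_lfanew -> PE
    signature -> COFF header (NumberOfSections at +2, SizeOfOptionalHeader at
    +16) -> 40-byte section headers whose first 8 bytes are the name."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    coff = e_lfanew + 4
    num_sections = struct.unpack_from("<H", data, coff + 2)[0]
    opt_size = struct.unpack_from("<H", data, coff + 16)[0]
    table = coff + 20 + opt_size
    names = []
    for i in range(num_sections):
        off = table + i * 40
        raw = data[off:off + 8]
        if len(raw) < 8:
            raise ValueError("truncated section table")
        names.append(raw.rstrip(b"\0").decode("ascii", "replace"))
    return names


def looks_upx_packed(data: bytes) -> bool:
    """Stock UPX names its sections UPX0/UPX1 (plus .rsrc). This is a cheap
    heuristic only: a modified UPX build can rename them, so False here does
    not clear a sample; the sandbox signature is meant to catch such variants."""
    return any(name.startswith("UPX") for name in pe_section_names(data))


def build_minimal_pe(section_names, opt_header_size=0xE0) -> bytes:
    """Constructed fixture: MZ stub, PE signature, COFF header, zeroed optional
    header and a section table with the given names. Not a runnable binary."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)           # e_lfanew -> right after stub
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, opt_header_size, 0x102)
    table = b"".join(n.encode("ascii").ljust(8, b"\0") + bytes(32) for n in section_names)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt_header_size) + table


if __name__ == "__main__":
    print(rename_burst(SAMPLE_RENAMES))                            # {'.locked': 4}
    print(looks_upx_packed(build_minimal_pe(["UPX0", "UPX1", ".rsrc"])))  # True
```

For triage the rename detector is the more reliable of the two: a packed file is common for benign software too, while hundreds of user documents gaining the same new extension inside a single process's run is the behaviour that actually justifies the ransomware verdict.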
