General

  • Target

    46ee40a3d13d63aa957406e8023a549bd70c212e345d49fdcd72a9f1a592a755N

  • Size

    78KB

  • Sample

    240930-ffhrhayfqq

  • MD5

    ca55b318b62e4c8462caca851f4089b0

  • SHA1

    e1d8862cfff95a26e4f03fd3d67724ee92aead70

  • SHA256

    46ee40a3d13d63aa957406e8023a549bd70c212e345d49fdcd72a9f1a592a755

  • SHA512

    c492cd60a3ff7a0ac4790d5827f9fdd6108b4dbaa5d4240544df918ae5cc438ba52db83f878b417df08e602aca82b0b494156d2192d4a912542e5bc2b9bc5a3a

  • SSDEEP

    768:kBT37CPKKdJJ1EXBwzEXBwdcMcI9Hx3R9pi1xOR9pi1xdBT37CPKKdJJ1EXBwzEn:CTW7JJ7Th9ko9krTW7JJ7Th9ko9kD

Malware Config

Targets

    • Renames multiple (4059) files with added filename extension

      This suggests ransomware activity, namely encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks