General

  • Target

    a7c2f2c7aebb81842c59d43b95e30d9a0456b59119f915975e695b326ad8a1a1N

  • Size

    177KB

  • Sample

    241006-jk67favhqm

  • MD5

    abf351c15939cbd83180d974efc01430

  • SHA1

    bccc4d007fa3213e5449b7b03dff746575bbac50

  • SHA256

    a7c2f2c7aebb81842c59d43b95e30d9a0456b59119f915975e695b326ad8a1a1

  • SHA512

    8c44841b40bfd27255142258d7aa000bea9a567488048c8e716627cc6a02577591f38cfe53a163728c582d3717c5b48a57cc2ac5fee64cc850c7392731ba36ae

  • SSDEEP

    1536:V7Zf/FAxTWY1++PJHJXA/OsIZfzc3/Q8zxY5TUhUV7Zf/FAxTWY1++PJHJXA/OsZ:fnyiQSox5AufnyiQSox5Auy

Targets

    • Renames multiple (3737) files with added filename extension

      This suggests ransomware activity, namely encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
