General

  • Target

    d6b432e2426d8d771b3eeddd6488644736b289b7171a44155cad8a7c2d6204b7

  • Size

    137KB

  • Sample

    240701-dsgnvsxhjm

  • MD5

    cc9505c4798159b72ef1a6fae9f71277

  • SHA1

    58d4c38f9779e1b5b96a3f864c21c053e798b687

  • SHA256

    d6b432e2426d8d771b3eeddd6488644736b289b7171a44155cad8a7c2d6204b7

  • SHA512

    1643aa634648309bfdf22512e8686a2f4376c3baf22df7e252be259ebe8744c98bbd3d09594b1e5623f12bc54c290e788166c85bac292504767f43ac8732d765

  • SSDEEP

    1536:a7ZyqaFAxTWH1++PJHJXA/OsIZfzc3/Q8Q8/8fCm7ZyqaFAxTWH1++PJHJXA/Ose:enaypQSoskVnaypQSosk3

Score
9/10

Targets

    • Renames multiple (1051) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
