General

  • Target

    fe389a4fd60fe7533307776aeaccebbc404fbe290d104f760531b9e1b83bd1bf

  • Size

    137KB

  • Sample

    240701-fmxh8sxalg

  • MD5

    7cded47bc0af6f2b02d3e2ae1fb20d8a

  • SHA1

    c2fa2caf897020afec2845c99569a5d8e4ef4e79

  • SHA256

    fe389a4fd60fe7533307776aeaccebbc404fbe290d104f760531b9e1b83bd1bf

  • SHA512

    6b7e8c35c6ba985c38f6e0b58c56df48b4245a88eb52ee8bb1e1be217ba45fa9ceb36ee37835914411524b64c1057c27847e23117ab23af0408ca6a7dcd69666

  • SSDEEP

    1536:a7ZyqaFAxTWH1++PJHJXA/OsIZfzc3/Q8Q8/8fC67ZyqaFAxTWH1++PJHJXA/Os7:enaypQSoskJnaypQSosk6

Score
9/10

Targets

    • Renames multiple (3886) files with added filename extension

      This suggests ransomware activity: encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
