Overview

overview

8

Static

static

22222.exe

windows7_x64

8

22222.exe

windows10_x64

8

Analysis

  • max time kernel
    139s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7v20201028
  • submitted
    27/11/2020, 19:26

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    22222.exe

  • Size

    112KB

  • MD5

    429a052071b8a18293ab4f849cb80b97

  • SHA1

    c361bc4d23493335b4bd4d505b8e447a18b15b8d

  • SHA256

    e90cd8761306b7ee94fa9561e36a49323edb9a6e27213def9ecc93dbae3f2fb7

  • SHA512

    f90d6ada90505500b954a5ba348787bc5442842253b89b74bb0775281cfb0ba387d4d932a49c76c317f842f72e1003fd4e0dd1b4ada7e1dbc8457d445ba28e47

Score
8/10
ransomwarespyware

Malware Config

Signatures

  • Modifies extensions of user files 4 IoCs

    Ransomware generally changes the extension on encrypted files.

    ransomware
  • Drops startup file 1 IoCs
  • Reads user/profile data of web browsers 2 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

    spyware

Processes

  • C:\Users\Admin\AppData\Local\Temp\22222.exe
    "C:\Users\Admin\AppData\Local\Temp\22222.exe"
    1⤵
    • Modifies extensions of user files
    • Drops startup file
    PID:756

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads