General
Target: kart bilgisi.exe
Size: 184KB
Sample: 210120-fglvns3d5a
MD5: 080f85630e81b40058cb88ac0b1d5d7e
SHA1: eb63bdf9c9a51836438d2ff8bce5f505f86aeefd
SHA256: ab64843d1074c1091118c175f2ca85e43d66a7918faf479be9d6d2613583fce3
SHA512: e564f166d88efab36e5cce905dff61e6e3712c5c6a341eedb5d943869935bbfd397ca9d5d0e359405781886ccf0f139cacff61e0ca6a5ff80a1c129ac8b096b0
Static task: static1
Behavioral task: behavioral1
Sample: kart bilgisi.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: kart bilgisi.exe
Resource: win10v20201028
Malware Config
Targets
Target: kart bilgisi.exe
Score: 10/10
Enumerates physical storage devices
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
Suspicious use of SetThreadContext