8053bd1a5c42eb7e76bc047d6cfd649b22fb5ea51fbfac5f1b4ed8714853148c | Triage

Submit
Reports

Overview

overview

8

Static

static

8

sm_dm.exe

windows7_x64

5

sm_dm.exe

windows10_x64

5

Resubmissions

10-02-2021 23:11

210210-vawh2gpv7a 10

10-02-2021 23:08

210210-jznhdz6vba 8

Sharing

General

Target

sm_dm.exe
Size

1.1MB
Sample

210210-jznhdz6vba
MD5

c6d7d65481b1679c236e240a3fe80403
SHA1

2baa37f6abd060642811f6c822cfcc9e0f8d6d14
SHA256

8053bd1a5c42eb7e76bc047d6cfd649b22fb5ea51fbfac5f1b4ed8714853148c
SHA512

90fca329eda51194a80d2f51929937d8da3663e76cf5abac9ef4dcd25f033b3e9aa366b9b176025a5475c3dde295d5bbf375a5c88e1bb585606084abb80d3605

Score

8^/10

aspackv2

Static task

static1

Behavioral task

behavioral1

Sample

sm_dm.exe

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

sm_dm.exe

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  sm_dm.exe
- Size
  
  1.1MB
- MD5
  
  c6d7d65481b1679c236e240a3fe80403
- SHA1
  
  2baa37f6abd060642811f6c822cfcc9e0f8d6d14
- SHA256
  
  8053bd1a5c42eb7e76bc047d6cfd649b22fb5ea51fbfac5f1b4ed8714853148c
- SHA512
  
  90fca329eda51194a80d2f51929937d8da3663e76cf5abac9ef4dcd25f033b3e9aa366b9b176025a5475c3dde295d5bbf375a5c88e1bb585606084abb80d3605
Score

5^/10
- Drops file in System32 directory
- Enumerates physical storage devices
  Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy