Overview

overview

10

Static

static

1

cheat_417615128.exe

windows7_x64

10

cheat_417615128.exe

windows10_x64

8

tesetup.exe

windows7_x64

9

tesetup.exe

windows10_x64

7

Analysis

  • max time kernel
    14s
  • max time network
    74s
  • platform
    windows10_x64
  • resource
    win10v20201028
  • submitted
    13-02-2021 17:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    tesetup.exe

  • Size

    8.5MB

  • MD5

    e2117b1bcb242413dac0c2ab781185cf

  • SHA1

    87b125bd59fc9ff51e2b34ce7af0fcb63e4a906b

  • SHA256

    17f049fecfce6461a398d914d6c265d0e0a074fa601310698b436445135b4797

  • SHA512

    abdeb1512b4b4488b6b1c9fb0bfeba3cd5dae3eb3ac25d530497fd7cde4dc1dccd3fbc953afef404234b6c79e1d128b70807a332c54684cf17168b4eaba56362

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 2 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

Processes

  • C:\Users\Admin\AppData\Local\Temp\tesetup.exe
    "C:\Users\Admin\AppData\Local\Temp\tesetup.exe"
    1⤵
    • Loads dropped DLL
    PID:640

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\nsm8A55.tmp\System.dll
    MD5

    0063d48afe5a0cdc02833145667b6641

    SHA1

    e7eb614805d183ecb1127c62decb1a6be1b4f7a8

    SHA256

    ac9dfe3b35ea4b8932536ed7406c29a432976b685cc5322f94ef93df920fede7

    SHA512

    71cbbcaeb345e09306e368717ea0503fe8df485be2e95200febc61bcd8ba74fb4211cd263c232f148c0123f6c6f2e3fd4ea20bdecc4070f5208c35c6920240f0

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsm8A55.tmp\nsDialogs.dll
    MD5

    6e64e5d5f9498058a300b26b8741d9d5

    SHA1

    837ce28e5e02788da63a7f1d8f20207d2b0bf523

    SHA256

    8d4b1c275fd1cd0782a265080b56d1aec8d1c93edca5ef3b050d1d20d7b61f33

    SHA512

    f53514d36021d79f85df2494d403f03589b3ad848889b9224f962cc932ef740f127131a914c7171ad8136ca1ef631285ea1c80576db18ccf8ea56940eb00ea1e

    Download Submit