Resubmissions

07-05-2021 10:07

210507-1pvd3vwnds 8

04-05-2021 15:14

210504-ffc4l5kase 10

Analysis

  • max time kernel
    312s
  • max time network
    372s
  • platform
    windows10_x64
  • resource
    win10v20210408
  • submitted
    07-05-2021 10:07

General

  • Target

    222.exe

  • Size

    33KB

  • MD5

    c72ffdba16d7bcb0425b5649c04a992d

  • SHA1

    f5fec549a29fab9adcd6016e7caf85962bca2218

  • SHA256

    d07c227a7d73abe3eb7da6c7f23f5de256be3b1a610a7f620ca64e4f7410f04e

  • SHA512

    a291ad69c6c38227b732bc2a632c68931899054ed533e064d8be0047cc7111f3b642a14143f098ab5ed2ed6e420e778c6506a42184920f43efb246dbb9b3ce56

Score
8/10

Malware Config

Signatures

  • Modifies extensions of user files 5 IoCs

    Ransomware generally changes the extension on encrypted files.

Processes

  • C:\Users\Admin\AppData\Local\Temp\222.exe
    "C:\Users\Admin\AppData\Local\Temp\222.exe"
    1⤵
    • Modifies extensions of user files
    PID:808

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/808-114-0x0000000000020000-0x0000000000021000-memory.dmp

    Filesize

    4KB

  • memory/808-116-0x0000000000720000-0x0000000000722000-memory.dmp

    Filesize

    8KB

  • memory/808-117-0x000000001AC10000-0x000000001AC12000-memory.dmp

    Filesize

    8KB