Overview

overview

7

Static

static

deemix-gui Setup.exe

windows7_x64

7

deemix-gui Setup.exe

windows10_x64

7

Analysis

  • max time kernel
    268s
  • max time network
    273s
  • platform
    windows10_x64
  • resource
    win10v20210410
  • submitted
    19-06-2021 18:36

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    deemix-gui Setup.exe

  • Size

    53.2MB

  • MD5

    6644bd818f5e0d669019759089f693e8

  • SHA1

    b738a194fda3949001fc6acec66a8fff5f982fe0

  • SHA256

    3c325eaeacc486269d5eb48812181a5cba605869ca3daf82c1206b8a97fa1244

  • SHA512

    add6689f4f65bffb5013961bd5d0ff6bba7e61152279f21c6f6451d294bee45f4c32bf046ff163a12fc385002a28c930eabf67093842a7b6f50c7728b859b573

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 3 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

Processes

  • C:\Users\Admin\AppData\Local\Temp\deemix-gui Setup.exe
    "C:\Users\Admin\AppData\Local\Temp\deemix-gui Setup.exe"
    1⤵
    • Loads dropped DLL
    PID:3652

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\nsf210C.tmp\StdUtils.dll
    MD5

    c6a6e03f77c313b267498515488c5740

    SHA1

    3d49fc2784b9450962ed6b82b46e9c3c957d7c15

    SHA256

    b72e9013a6204e9f01076dc38dabbf30870d44dfc66962adbf73619d4331601e

    SHA512

    9870c5879f7b72836805088079ad5bbafcb59fc3d9127f2160d4ec3d6e88d3cc8ebe5a9f5d20a4720fe6407c1336ef10f33b2b9621bc587e930d4cbacf337803

    Download Submit
  • \Users\Admin\AppData\Local\Temp\nsf210C.tmp\System.dll
    MD5

    0d7ad4f45dc6f5aa87f606d0331c6901

    SHA1

    48df0911f0484cbe2a8cdd5362140b63c41ee457

    SHA256

    3eb38ae99653a7dbc724132ee240f6e5c4af4bfe7c01d31d23faf373f9f2eaca

    SHA512

    c07de7308cb54205e8bd703001a7fe4fd7796c9ac1b4bb330c77c872bf712b093645f40b80ce7127531fe6746a5b66e18ea073ab6a644934abed9bb64126fea9

    Download Submit
  • \Users\Admin\AppData\Local\Temp\nsf210C.tmp\UAC.dll
    MD5

    adb29e6b186daa765dc750128649b63d

    SHA1

    160cbdc4cb0ac2c142d361df138c537aa7e708c9

    SHA256

    2f7f8fc05dc4fd0d5cda501b47e4433357e887bbfed7292c028d99c73b52dc08

    SHA512

    b28adcccf0c33660fecd6f95f28f11f793dc9988582187617b4c113fb4e6fdad4cf7694cd8c0300a477e63536456894d119741a940dda09b7df3ff0087a7eada

    Download Submit