Analysis
-
max time kernel
19s -
max time network
117s -
platform
windows10_x64 -
resource
win10v20210408 -
submitted
28-07-2021 08:41
Static task
static1
Behavioral task
behavioral1
Sample
Setup-9.05.0225.1111.exe
Resource
win7v20210408
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
Setup-9.05.0225.1111.exe
Resource
win10v20210408
windows10_x64
0 signatures
0 seconds
General
-
Target
Setup-9.05.0225.1111.exe
-
Size
31.1MB
-
MD5
3b8bba3ca09ba8bc57d51cc84b748826
-
SHA1
fe1abc07183929ca78d6e00b45737000ca01c0db
-
SHA256
713aa63fbb0078ec6ae542db18f5c557e96119ee3bf49fdb6bb1692b100de0ff
-
SHA512
b67d963408fdbbe00bdd21b1eed35827a9d8666689f23915ed7981457c4dd3976f4bac61912a23e70c6ca2b31ab981b666408a8653508448e05484aa3a89cf9c
Score
3/10
Malware Config
Signatures
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
Processes:
Setup-9.05.0225.1111.exedescription pid process Token: SeDebugPrivilege 604 Setup-9.05.0225.1111.exe
Processes
Network
MITRE ATT&CK Matrix ATT&CK v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/604-114-0x0000000000660000-0x0000000000683000-memory.dmpFilesize
140KB