Analysis
-
max time kernel
124s -
max time network
172s -
platform
windows7_x64 -
resource
win7v20210408 -
submitted
02-09-2021 19:09
Static task
static1
Behavioral task
behavioral1
Sample
Anime-Fighters-Infin_734316524.exe
Resource
win7-en
Behavioral task
behavioral2
Sample
Anime-Fighters-Infin_734316524.exe
Resource
win10-en
Behavioral task
behavioral3
Sample
__xiibsjtw.kau.exe
Resource
win7v20210408
Behavioral task
behavioral4
Sample
__xiibsjtw.kau.exe
Resource
win10-en
General
-
Target
__xiibsjtw.kau.exe
-
Size
5.9MB
-
MD5
57520f580ba9eea9cf87fe5d597af880
-
SHA1
47fd9f66c205dfa28212ae60b3640861c8634a74
-
SHA256
795df135da908b0f6ddc88660741a38ebdf34914296b1dd6326a337cf35ed22b
-
SHA512
6a8503435eedd4a98d3ec4fd71af5ec797d8f6fe1c41e1c1cc0e24dea8ce4894f2df64a96d29ca478e85276d0810bda21b299273dcb14ba96b6c5fa4f6f0799b
Malware Config
Signatures
-
Loads dropped DLL 2 IoCs
pid Process 1076 __xiibsjtw.kau.exe 1076 __xiibsjtw.kau.exe -
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 1076 __xiibsjtw.kau.exe