Analysis

  • max time kernel
    117s
  • max time network
    117s
  • platform
    windows7_x64
  • resource
    win7-en-20211014
  • submitted
    05-11-2021 13:38

General

  • Target

    NEW ORDER 2021.exe

  • Size

    307KB

  • MD5

    e6bd805df7bb8a90503c4b1f5784bd3c

  • SHA1

    51d0e6942ca0732c5a3f2e2876d9216236bfc178

  • SHA256

    dd07d6d24f528663fa5cb854c523d5ba2b096a9b3dc23b466cef94355f0cdec9

  • SHA512

    f715ddcf9c169cbb2073f7e80afc151c09605717202da13b3eb40841077c2bbbbea4b996b13ca31abd1d6f38e89e583de9c1db7ad908ff5245299e95cc0625a5

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

Processes

  • C:\Users\Admin\AppData\Local\Temp\NEW ORDER 2021.exe
    "C:\Users\Admin\AppData\Local\Temp\NEW ORDER 2021.exe"
    • Loads dropped DLL
    PID:684

Network

MITRE ATT&CK Matrix ATT&CK v6

Discovery

  • System Information Discovery (T1082): 1

Downloads

  • \Users\Admin\AppData\Local\Temp\nsoF6D.tmp\qyspb.dll
    MD5

    22a23f902e2e0860cf41e1534461282d

    SHA1

    290d37c360cbcd823a43be36b92d84cd2e69f9fe

    SHA256

    7038059f5e4caa6f5c64129f562cc7d406859c66bf5cee59025c0afc7ca80c66

    SHA512

    ad766d2d8ca97e8703ee93a7a0557d32909c7014ae3f438a9327d9b204f099ca83a5831b797a425393711075f3a773c662b4e21e13e7051ad093f0cefab65df6

  • memory/684-55-0x0000000075D41000-0x0000000075D43000-memory.dmp
    Filesize

    8KB