Analysis
-
max time kernel
16s -
max time network
0s -
platform
windows7_x64 -
resource
win7-de-20211014 -
submitted
18-11-2021 14:06
Static task
static1
Behavioral task
behavioral1
Sample
setup_x86_x64_install.exe
Resource
win7-ja-20211014
Behavioral task
behavioral2
Sample
setup_x86_x64_install.exe
Resource
win7-en-20211014
Behavioral task
behavioral3
Sample
setup_x86_x64_install.exe
Resource
win7-de-20211014
Behavioral task
behavioral4
Sample
setup_x86_x64_install.exe
Resource
win11
Behavioral task
behavioral5
Sample
setup_x86_x64_install.exe
Resource
win10-ja-20211014
Behavioral task
behavioral6
Sample
setup_x86_x64_install.exe
Resource
win10-en-20211014
Behavioral task
behavioral7
Sample
setup_x86_x64_install.exe
Resource
win10-de-20211014
General
-
Target
setup_x86_x64_install.exe
-
Size
10.5MB
-
MD5
b70883d05d292eeba3f756730a7d62bb
-
SHA1
301bc3e6004f421ed035d9f4091ebce6fc789660
-
SHA256
e8c56bc5bf674b494dd03d856c03c1ecfaf70e578c09f634cf66b09534f05c02
-
SHA512
83687a8f862f2448f1b3fdbd3523248baa1a614598ba7389d79a9c8c5debdea4bef97a048481b43a1f13cea28b73ba18f5b38775772629c253454588828128e6
Malware Config
Signatures
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
Processes
Network
MITRE ATT&CK Enterprise v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/1884-55-0x00000000755A1000-0x00000000755A3000-memory.dmpFilesize
8KB