Analysis
-
max time kernel
119s -
max time network
119s -
platform
windows10_x64 -
resource
win10-en-20211014 -
submitted
07-12-2021 12:58
Static task
static1
Behavioral task
behavioral1
Sample
3e61310d73f940456ca103f5ab8047285613d9a949a316c055676d3337cf5df7.exe
Resource
win10-en-20211014
General
-
Target
3e61310d73f940456ca103f5ab8047285613d9a949a316c055676d3337cf5df7.exe
-
Size
12.5MB
-
MD5
89ef9e58ff02f11b0d7a7ac241838824
-
SHA1
5db16e26000efcd7598d5bfce402fc243c96046f
-
SHA256
3e61310d73f940456ca103f5ab8047285613d9a949a316c055676d3337cf5df7
-
SHA512
85054ae34bab3af8339049ace3172d9c78a8945aff54fbcce7217ccc1dd90144661460c02c19208519ebde2abf9108604cf89b97b3000340854859820c4bc5a7
Malware Config
Signatures
-
Loads dropped DLL 2 IoCs
Processes:
3e61310d73f940456ca103f5ab8047285613d9a949a316c055676d3337cf5df7.exe
pid process
4300 3e61310d73f940456ca103f5ab8047285613d9a949a316c055676d3337cf5df7.exe
4300 3e61310d73f940456ca103f5ab8047285613d9a949a316c055676d3337cf5df7.exe
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
Processes
Network
MITRE ATT&CK Matrix ATT&CK v6
Downloads
-
\Users\Admin\AppData\Local\Temp\nsb57C.tmp\System.dll
MD5
2e025e2cee2953cce0160c3cd2e1a64e
SHA1
dec3da040ea72d63528240598bf14f344efb2a76
SHA256
d821a62802900b068dcf61ddc9fdff2f7ada04b706815ab6e5038b21543da8a5
SHA512
3cafce382b605a68e5a3f35f95b32761685112c5a9da9f87b0a06ec13da4155145bd06ffb63131bf87c3dc8bd61cb085884c5e78c832386d70397e3974854860
-
\Users\Admin\AppData\Local\Temp\nsb57C.tmp\nsDialogs.dll
MD5
65373b20dbff5c3834548dd7330bb0c1
SHA1
18a160aa0ba10be95f7a95b244c3bf02a3bbfcd6
SHA256
57a001c9770c864f983aa33e4c81e60cac4335b83dc036e269f0727a629dd221
SHA512
4634b60a83f2524050970ac6c991f4dbfdbbd98a1173415dbb46fe6c8932b1cb2a758ba77d0c8eae5c6134d899135ea4094023f1145b6b5ee78d3728ebd8ef4a