Analysis
-
max time kernel
163s -
max time network
163s -
platform
windows10_x64 -
resource
win10-en-20211208 -
submitted
28-01-2022 13:34
General
-
Target
01/2015.5.27/07.exe
-
Size
180KB
-
MD5
6b0b9ad0c784552500e86aba824c0aaf
-
SHA1
1f571f395edc5722cb80bfd3e2f39730876a1019
-
SHA256
233aa10f5c89d48d93c689c7593bba95e29bc570e2819317d4863471ecf2dc02
-
SHA512
7259a760c5a4b9a24f698ae9239a417a5818b0195c32d06db61acda804817aa1063d499f93e58d3a0a4827d5c32f9982d3c5809a1cb738962cb65f0c0c41b81a
Score
7/10
Malware Config
Signatures
-
Drops startup file 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
Processes
-
C:\Users\Admin\AppData\Local\Temp\01\2015.5.27\07.exe"C:\Users\Admin\AppData\Local\Temp\01\2015.5.27\07.exe"1⤵
- Drops startup file
- Loads dropped DLL
Network
MITRE ATT&CK Matrix ATT&CK v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
\Users\Admin\AppData\Local\Temp\338fdddd.dllMD5
a034e46eed7c6d2d45bc1ab7b260db9a
SHA10630f23acc36f0fc927e09d835a47d68bba20fb6
SHA256c341b6577a4575082e9bdc6299e2fc8dc34f8749a4b635fc1b4112a96342f588
SHA5129e09e57e0fd7e8934c9be70d0decd21a01618c01f52c8267e1126200bdc92bbcc76d9875a6b9cf483675a28ec7dabd111aa04c08e7eb085c8ae01107a5474010
-
memory/2512-116-0x0000000002F90000-0x0000000002FAD000-memory.dmpFilesize
116KB