Overview
overview: 10
Static
static: 10
01/2015.5.27/01.vir: windows7_x64 3, windows10_x64 3
PER-DCOMP-...ao.dll: windows7_x64 1, windows10_x64 1
01/2015.5.27/03.exe: windows7_x64 8, windows10_x64 8
01/2015.5.27/04.exe: windows7_x64 1, windows10_x64 1
01/2015.5.27/05.exe: windows7_x64 10, windows10_x64 10
01/2015.5.27/07.exe: windows7_x64 7, windows10_x64 7
01/2015.5.27/09.exe: windows7_x64 10, windows10_x64 10
01/2015.5.27/10.exe: windows7_x64 10, windows10_x64 10
01/2015.5.27/12.pdf: windows7_x64 1, windows10_x64 1
01/2015.5.27/13.pdf: windows7_x64 1, windows10_x64 1
01/2015.5.27/14.exe: windows7_x64 8, windows10_x64 8
01/2015.5.27/15.dll: windows7_x64 1, windows10_x64 1
01/2015.5.27/16.rtf: windows7_x64 10, windows10_x64 1
01/2015.5.27/17.pdf: windows7_x64 1, windows10_x64 1
01/2015.5.27/18.doc: windows7_x64 1, windows10_x64 1
Analysis
- max time kernel: 163s
- max time network: 163s
- platform: windows10_x64
- resource: win10-en-20211208
- submitted: 28-01-2022 13:34
Behavioral tasks
behavioral1: Sample 01/2015.5.27/01.vir, Resource win7-en-20211208
behavioral2: Sample 01/2015.5.27/01.vir, Resource win10-en-20211208
behavioral3: Sample PER-DCOMP-Intimacao.dll, Resource win7-en-20211208
behavioral4: Sample PER-DCOMP-Intimacao.dll, Resource win10-en-20211208
behavioral5: Sample 01/2015.5.27/03.exe, Resource win7-en-20211208
behavioral6: Sample 01/2015.5.27/03.exe, Resource win10-en-20211208
behavioral7: Sample 01/2015.5.27/04.exe, Resource win7-en-20211208
behavioral8: Sample 01/2015.5.27/04.exe, Resource win10-en-20211208
behavioral9: Sample 01/2015.5.27/05.exe, Resource win7-en-20211208
behavioral10: Sample 01/2015.5.27/05.exe, Resource win10-en-20211208
behavioral11: Sample 01/2015.5.27/07.exe, Resource win7-en-20211208
behavioral12: Sample 01/2015.5.27/07.exe, Resource win10-en-20211208
behavioral13: Sample 01/2015.5.27/09.exe, Resource win7-en-20211208
behavioral14: Sample 01/2015.5.27/09.exe, Resource win10-en-20211208
behavioral15: Sample 01/2015.5.27/10.exe, Resource win7-en-20211208
behavioral16: Sample 01/2015.5.27/10.exe, Resource win10-en-20211208
behavioral17: Sample 01/2015.5.27/12.pdf, Resource win7-en-20211208
behavioral18: Sample 01/2015.5.27/12.pdf, Resource win10-en-20211208
behavioral19: Sample 01/2015.5.27/13.pdf, Resource win7-en-20211208
behavioral20: Sample 01/2015.5.27/13.pdf, Resource win10-en-20211208
behavioral21: Sample 01/2015.5.27/14.exe, Resource win7-en-20211208
behavioral22: Sample 01/2015.5.27/14.exe, Resource win10-en-20211208
behavioral23: Sample 01/2015.5.27/15.dll, Resource win7-en-20211208
behavioral24: Sample 01/2015.5.27/15.dll, Resource win10-en-20211208
behavioral25: Sample 01/2015.5.27/16.rtf, Resource win7-en-20211208
behavioral26: Sample 01/2015.5.27/16.rtf, Resource win10-en-20211208
behavioral27: Sample 01/2015.5.27/17.pdf, Resource win7-en-20211208
behavioral28: Sample 01/2015.5.27/17.pdf, Resource win10-en-20211208
behavioral29: Sample 01/2015.5.27/18.doc, Resource win7-en-20211208
behavioral30: Sample 01/2015.5.27/18.doc, Resource win10-en-20211208
General
- Target: 01/2015.5.27/07.exe
- Size: 180KB
- MD5: 6b0b9ad0c784552500e86aba824c0aaf
- SHA1: 1f571f395edc5722cb80bfd3e2f39730876a1019
- SHA256: 233aa10f5c89d48d93c689c7593bba95e29bc570e2819317d4863471ecf2dc02
- SHA512: 7259a760c5a4b9a24f698ae9239a417a5818b0195c32d06db61acda804817aa1063d499f93e58d3a0a4827d5c32f9982d3c5809a1cb738962cb65f0c0c41b81a
Malware Config
Signatures
- Drops startup file (1 IoCs)
  Processes: 07.exe
  description: File created
  ioc: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Flash Player.lnk
  process: 07.exe
- Loads dropped DLL (1 IoCs)
  Processes: 07.exe
  pid: 2512
  process: 07.exe
- Enumerates physical storage devices (1 TTPs)
  Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
Downloads
- \Users\Admin\AppData\Local\Temp\338fdddd.dll
  MD5: a034e46eed7c6d2d45bc1ab7b260db9a
  SHA1: 0630f23acc36f0fc927e09d835a47d68bba20fb6
  SHA256: c341b6577a4575082e9bdc6299e2fc8dc34f8749a4b635fc1b4112a96342f588
  SHA512: 9e09e57e0fd7e8934c9be70d0decd21a01618c01f52c8267e1126200bdc92bbcc76d9875a6b9cf483675a28ec7dabd111aa04c08e7eb085c8ae01107a5474010
- memory/2512-116-0x0000000002F90000-0x0000000002FAD000-memory.dmp
  Filesize: 116KB