Analysis
-
max time kernel
10s
-
max time network
62s
-
platform
windows10-2004_x64
-
resource
win10v2004-en-20220113
-
submitted
31-01-2022 13:21
Static task
static1
Behavioral task
behavioral1
Sample
a75c88bdafcead6c2096d01dc8f2f052.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
a75c88bdafcead6c2096d01dc8f2f052.exe
Resource
win10v2004-en-20220113
General
-
Target
a75c88bdafcead6c2096d01dc8f2f052.exe
-
Size
412KB
-
MD5
a75c88bdafcead6c2096d01dc8f2f052
-
SHA1
d36d981a34f591eada1df8ea230bbfbdcbd6bf97
-
SHA256
ba46838d8445539ef9360355459abfdf8d0932d80f26cd8682fbaf2a236461da
-
SHA512
b8d3d14112e5910d906c74c63d0208ac02e8e29b230d92bef1d7c6098a65c0b7660841a5fcefebaf96edf969cdeda62282cd642d56c63fe711a23ea0112edd41
Malware Config
Signatures
-
Loads dropped DLL 1 IoCs
Processes:
a75c88bdafcead6c2096d01dc8f2f052.exe
pid process
2720 a75c88bdafcead6c2096d01dc8f2f052.exe
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
Processes
Network
MITRE ATT&CK Matrix ATT&CK v6
Downloads
-
C:\Users\Admin\AppData\Local\Temp\nsf6551.tmp\pxitlcdz.dll
-
MD5
606d2bcc416fc37c03e554be57b99395
-
SHA1
1ef604a21f62cbd9039b5b7dec49d74fcc69aa4c
-
SHA256
11b98384fa90009836cbbf1798b535759bb166278dd0e855dcef2e851720832b
-
SHA512
63cea78cece3875a839ca62e82db4d9caef7071af6964421f4cfbcb18299c1a7636c69d759f8e134ad74ab968f98be15b6939a660e3299417276a13dcae5ddde