Analysis
-
max time kernel
19s -
max time network
25s -
platform
windows10-2004_x64 -
resource
win10v2004-en-20220113 -
submitted
07-02-2022 08:00
Static task
static1
Behavioral task
behavioral1
Sample
Order-9411574-pdf.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
Order-9411574-pdf.exe
Resource
win10v2004-en-20220113
General
-
Target
Order-9411574-pdf.exe
-
Size
249KB
-
MD5
58e91c804bf83bcb330d64d87bdd7abf
-
SHA1
9f00f81e64cbe3445a1f3f5f24976d736e8543ca
-
SHA256
d0d523bb3e44390067122f5b4768ee44811c00f14a344dd70e71d4c2bcf4962d
-
SHA512
aaf401d5f4a35325677ba978d170204d1305759c763b3d345d2817080cfb0707acb3703548f29db2c520faf3f2ba8835adeec435da59dfea1d3c03527f400ddb
Malware Config
Signatures
-
Loads dropped DLL 1 IoCs
Processes:
Order-9411574-pdf.exepid process 3624 Order-9411574-pdf.exe -
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
Processes
Network
MITRE ATT&CK Matrix ATT&CK v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\Users\Admin\AppData\Local\Temp\nsw9068.tmp\rgjrdod.dllMD5
ad3bbea4e6415e4e6f83a2ec08335163
SHA146502c9542dcfdf95951eef320fef39490d11d98
SHA25669fca02cde90fc973b6e4b158966598fbad391c117b94b9ed52315e770354a37
SHA51200247d66d597515f238161a23759f78a4330d6410414a60fbf9cc2b0501c96d833ce4191cc72c6b6ee2902f14f809fd7b1f161a6f4b6516df0b0195b3e7c7c09