Analysis

  • max time kernel
    165s
  • max time network
    144s
  • platform
    windows7_x64
  • resource
    win7-en-20211208
  • submitted
    11-02-2022 06:41

General

  • Target

    94d545f285cae53f4efd484ebbe3c2c6c3e4542ded732f6985945e7ae62ab4e0.exe

  • Size

    53KB

  • MD5

    4d3b771abcfd283072fe1083617b09cb

  • SHA1

    2464704ea9021ca7ab2ef2f1b98a18c8a272a205

  • SHA256

    94d545f285cae53f4efd484ebbe3c2c6c3e4542ded732f6985945e7ae62ab4e0

  • SHA512

    b52a4dd4202a05fbd2e059e6f42639dfa70077b29ed57e35a6002f780fe7392a966c84fafea2551456cae9a7e875f70e4093cbb7a98148b8cd1bb39dd7f07148

Malware Config

Signatures

  • GlobeImposter

    GlobeImposter is a ransomware first seen in 2017.

  • Adds Run key to start application (2 TTPs, 2 IoCs)
  • Drops desktop.ini file(s) (13 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\94d545f285cae53f4efd484ebbe3c2c6c3e4542ded732f6985945e7ae62ab4e0.exe
    "C:\Users\Admin\AppData\Local\Temp\94d545f285cae53f4efd484ebbe3c2c6c3e4542ded732f6985945e7ae62ab4e0.exe"
    PID: 516
    • Adds Run key to start application
    • Drops desktop.ini file(s)

Network

MITRE ATT&CK Enterprise v6

Downloads

  • memory/516-55-0x0000000075191000-0x0000000075193000-memory.dmp
    Filesize: 8KB