Overview

overview

10

Static

static

invoice_101.iso

windows10_x64

3

document.lnk

windows10_x64

10

main.dll

windows10_x64

10

Analysis

  • max time kernel
    373s
  • max time network
    436s
  • platform
    windows10_x64
  • resource
    win10-20220223-en
  • submitted
    11-03-2022 17:03

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    invoice_101.iso

  • Size

    1.3MB

  • MD5

    f8de85c24adbe7e2cdbc4e0f34c5e2ed

  • SHA1

    2db699ce6d2248ae7a5b09f75f7e592bfbd313be

  • SHA256

    4650d948ad7d491073debf27356d91774abbe5f355f4b2fd9ccea59cfd0b0de8

  • SHA512

    5834fe3010e286ca0818cbe022e0bdf58f35aafb4d8943901e723e34dc8f610a782d4bda86eb0fab3179f5c69b0e07c35744512c192e577aaf8e16be2df28122

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

  • Modifies registry class 1 IoCs
  • Suspicious behavior: LoadsDriver 1 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\invoice_101.iso
    1⤵
    • Modifies registry class
    • Suspicious behavior: LoadsDriver
    PID:3700

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads