Overview

overview

10

Static

static

10

unpack.exe

windows7_x64

3

unpack.exe

windows10-2004_x64

3

Analysis

  • max time kernel
    149s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220414-en
  • submitted
    09/05/2022, 17:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    unpack.exe

  • Size

    1.2MB

  • MD5

    592cca2bd60c3098d7a2e562e994b6fb

  • SHA1

    c3ecc78bbb9098f52007bfb527dc3cef975cc36e

  • SHA256

    a670c683bfd2a0dc75a9b5fba8f491ec4126b1f0908a469687664a9023ad8b19

  • SHA512

    cf0fcabf26fd40a3e0c705fc5f8dc343082f3c0a9de459ece3b59eab86dabfad1384fadb4478c903808f49e734135268f25a25a773a694e07c57a9b056f86470

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

  • Suspicious use of SetWindowsHookEx 3 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\unpack.exe
    "C:\Users\Admin\AppData\Local\Temp\unpack.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1944
    • C:\Windows\SysWOW64\cmd.exe
      cmd.exe /c C:\Users\Admin\AppData\Local\Temp\
      2⤵
        PID:3372

    Network

    MITRE ATT&CK Enterprise v6

    Replay Monitor

    Loading Replay Monitor...

    Downloads