Analysis
- max time kernel: 242s
- max time network: 44s
- platform: windows7_x64
- resource: win7-20220414-en
- submitted: 20-05-2022 12:22
Static task: static1
Behavioral task: behavioral1
- Sample: intelsoftwareassetmanagerservice.exe
- Resource: win7-20220414-en (windows7_x64)
- 0 signatures
- 0 seconds
Behavioral task: behavioral2
- Sample: intelsoftwareassetmanagerservice.exe
- Resource: win10v2004-20220414-en (windows10-2004_x64)
- 0 signatures
- 0 seconds
General
- Target: intelsoftwareassetmanagerservice.exe
- Size: 3.1MB
- MD5: 5bdebce7118d30a387fec0f9329c5437
- SHA1: 83a66c54772017c6fa0e243bcf5bbfebd2c29518
- SHA256: b8f8ddaba5754af65c9b7c762d69e1b2bd3702307c41589977759d813bf78635
- SHA512: 96676730f1529972ee7f6582d43d856ffeed4706d26042c961ed14598eb03c0be410c1fe4d993b5a2eb594a7de0eba5b9004c713e29ae7e932947beda1de80b4
Score: 1/10
Malware Config
Signatures
- Opens file in notepad (likely ransom note) 1 IoCs
Processes:
NOTEPAD.EXE
pid 1788, process NOTEPAD.EXE
Processes
- "C:\Users\Admin\AppData\Local\Temp\intelsoftwareassetmanagerservice.exe"
- "C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Desktop\ReceiveHide.inf
- Opens file in notepad (likely ransom note)
- C:\Windows\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}