Overview

overview

10

Static

static

10

SecuriteIn...09.exe

windows7_x64

3

SecuriteIn...09.exe

windows10-2004_x64

3

Analysis

  • max time kernel
    43s
  • max time network
    46s
  • platform
    windows7_x64
  • resource
    win7-20220414-en
  • submitted
    27/05/2022, 03:39

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    SecuriteInfo.com.Variant.Midie.109118.23009.exe

  • Size

    948KB

  • MD5

    b050af8aba3a07d5ef9a3de5ab9bc565

  • SHA1

    8d9bc9ef9e929d7fdd6f88b0ecc19da91b07b2d1

  • SHA256

    eccebeaa26e771fa679177b8a05aaec028218381007a10993b4dad939245f0e8

  • SHA512

    a64659ce1caece764a98ec352e25a9273667d8b5ad972b763199975e00ec2426b6eac93aff78d0aff26166b5cb7f8141c620bef23aa49a9d39f88ec42eb6ea86

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

  • Suspicious use of SetWindowsHookEx 3 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Variant.Midie.109118.23009.exe
    "C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Variant.Midie.109118.23009.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1224
    • C:\Windows\SysWOW64\cmd.exe
      cmd.exe /c C:\Users\Admin\AppData\Local\Temp\
      2⤵
        PID:1632

    Network

    MITRE ATT&CK Enterprise v6

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1224-56-0x0000000076531000-0x0000000076533000-memory.dmp

      Filesize

      8KB

      Download