Analysis

  • max time kernel
    43s
  • max time network
    49s
  • platform
    windows7_x64
  • resource
    win7-20220414-en
  • submitted
    07-06-2022 17:14

General

  • Target

    1be5c39f1b26e294ad423f63e23b6748214051297fc058cd5342d3119a251466.exe

  • Size

    282KB

  • MD5

    1bbd74ffbbecf915c000ed831f09f63d

  • SHA1

    3341fbdbd4b9ba6da455e606bad74f2838e6032a

  • SHA256

    1be5c39f1b26e294ad423f63e23b6748214051297fc058cd5342d3119a251466

  • SHA512

    923496b86bb35ac2e0fc91bd6606bfd88ebf3a88211d5dbb590722ef8ad91c79302a3786466ac43dd4960c35560e9f4144c5900692cf8e84ab896c82e8480a38

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

  • Suspicious behavior: EnumeratesProcesses 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\1be5c39f1b26e294ad423f63e23b6748214051297fc058cd5342d3119a251466.exe
    "C:\Users\Admin\AppData\Local\Temp\1be5c39f1b26e294ad423f63e23b6748214051297fc058cd5342d3119a251466.exe"
    • Suspicious behavior: EnumeratesProcesses
    PID:968

Network

MITRE ATT&CK Enterprise v6

Downloads

  • memory/968-54-0x0000000075B61000-0x0000000075B63000-memory.dmp

    Filesize

    8KB

  • memory/968-55-0x0000000000450000-0x000000000045C000-memory.dmp

    Filesize

    48KB