Analysis
- max time kernel: 91s
- max time network: 155s
- platform: windows10-2004_x64
- resource: win10v2004-20220414-en
- submitted: 24-06-2022 14:56
Static task: static1
Behavioral task: behavioral1
- Sample: nmap-7.92-setup.exe
- Resource: win7-20220414-en
Behavioral task: behavioral2
- Sample: nmap-7.92-setup.exe
- Resource: win10v2004-20220414-en
General
- Target: nmap-7.92-setup.exe
- Size: 27.3MB
- MD5: 79ba1e7f3d16eb87bfebb79b01928421
- SHA1: f0f0e7f7b802639a7e3f96b51d632f047291c37e
- SHA256: b2400db1a4af9607fdd6ee50e0f5926d8b9272f89eec93d4c30b56dc854afb7a
- SHA512: 8c1dad5cd7829395b7df69cf1db789e2702cb7cdf58cb76d0e6b0c0f9b69261c57f8347d9d9185295d08e1d2fc6834db59f14ffd00a2be01c2d834130e394559
Malware Config
Signatures
- Loads dropped DLL (2 IoCs)
  pid   Process
  2188  nmap-7.92-setup.exe
  2188  nmap-7.92-setup.exe
- Enumerates physical storage devices (1 TTPs)
  Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
Processes
Network
MITRE ATT&CK Enterprise v6
Downloads
- Filesize: 22KB
- MD5: 17c877fec39fc8ce03b7f012ef25211f
- SHA1: 61adfa25cbd51375f0355aa9b895e1dc28389e19
- SHA256: dbb0173bb09d64ca716b3fd9efb0222ecc7c13c11978d29f2b61cf550bcd7aba
- SHA512: 45c44c91bf72d058fcba93e7d96b45fcc3dc06855b86eca0f463aa4eeafc7e68493e33663c68fd3fdceed51dd0e76d3493c47da68a3efdc25af9e78c2643d29d