Analysis
-
max time kernel
121s -
max time network
130s -
platform
windows10-2004_x64 -
resource
win10v2004-20220414-en -
submitted
11-07-2022 08:08
Static task
static1
Behavioral task
behavioral1
Sample
nmbdepch.exe
Resource
win7-20220414-en
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
nmbdepch.exe
Resource
win10v2004-20220414-en
0 signatures
0 seconds
General
-
Target
nmbdepch.exe
-
Size
968KB
-
MD5
a6e5804f4d6a9a2a823a70ad37db3716
-
SHA1
f20ce20488fb607162285b0ccac95bc965bf116d
-
SHA256
5f7e2c3aca868d28e2321913fee896d84b6e648e9289c2dacecd5bf85f7ee743
-
SHA512
cdea1a027cb63173035c4d0d681ad1bd0c63bb2f0a722d6d5316aaae9e474b2e9d0b21cf7f74388ff348133deab4aab92f431d125db79e8134b98d93c26ba4be
Score
3/10
Malware Config
Signatures
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes:
nmbdepch.exepid process 4628 nmbdepch.exe 4628 nmbdepch.exe 4628 nmbdepch.exe