Overview
overview
10
Static
static
0494e1b88f...90.exe
windows7-x64
3
0494e1b88f...90.exe
windows10-2004-x64
3
0f41c175bc...07.exe
windows7-x64
3
0f41c175bc...07.exe
windows10-2004-x64
3
0f78cea418...13.exe
windows7-x64
3
0f78cea418...13.exe
windows10-2004-x64
3
12ffee3e2c...c5.exe
windows7-x64
3
12ffee3e2c...c5.exe
windows10-2004-x64
3
1449f8a93c...3a.exe
windows7-x64
7
1449f8a93c...3a.exe
windows10-2004-x64
7
1463bbb2a8...13.exe
windows7-x64
10
1463bbb2a8...13.exe
windows10-2004-x64
10
148b25ad23...fa.exe
windows7-x64
7
148b25ad23...fa.exe
windows10-2004-x64
7
1fe05e5f82...ec.exe
windows7-x64
10
1fe05e5f82...ec.exe
windows10-2004-x64
10
2a12cf13b7...8c.exe
windows7-x64
10
2a12cf13b7...8c.exe
windows10-2004-x64
10
2aaa916d56...f3.exe
windows7-x64
10
2aaa916d56...f3.exe
windows10-2004-x64
10
2b247f89f1...d0.exe
windows7-x64
7
2b247f89f1...d0.exe
windows10-2004-x64
7
3757406d4b...a9.exe
windows7-x64
3
3757406d4b...a9.exe
windows10-2004-x64
3
39828c100c...f5.exe
windows7-x64
3
39828c100c...f5.exe
windows10-2004-x64
3
3ac3fd9de6...e2.exe
windows7-x64
10
3ac3fd9de6...e2.exe
windows10-2004-x64
10
4c0d6edc64...3f.exe
windows7-x64
10
4c0d6edc64...3f.exe
windows10-2004-x64
10
4fe551bcea...e5.exe
windows7-x64
10
4fe551bcea...e5.exe
windows10-2004-x64
10
Analysis
-
max time kernel
37s -
max time network
46s -
platform
windows7_x64 -
resource
win7-20220812-en -
resource tags
arch:x64 arch:x86 image:win7-20220812-en locale:en-us os:windows7-x64 system -
submitted
05-09-2022 15:50
Static task
static1
Behavioral task
behavioral1
Sample
0494e1b88f4a3b69162ef51971246f87c0ad434549a802ae7d54aee954190090.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
0494e1b88f4a3b69162ef51971246f87c0ad434549a802ae7d54aee954190090.exe
Resource
win10v2004-20220901-en
Behavioral task
behavioral3
Sample
0f41c175bc3b7e6c6688b143d5e8d037d5ce6671886fb3a10e5fcbaa6cd1cd07.exe
Resource
win7-20220812-en
Behavioral task
behavioral4
Sample
0f41c175bc3b7e6c6688b143d5e8d037d5ce6671886fb3a10e5fcbaa6cd1cd07.exe
Resource
win10v2004-20220812-en
Behavioral task
behavioral5
Sample
0f78cea41852b4b219e4127e5db31404d463594d7e893c1498afe0938cf83813.exe
Resource
win7-20220901-en
Behavioral task
behavioral6
Sample
0f78cea41852b4b219e4127e5db31404d463594d7e893c1498afe0938cf83813.exe
Resource
win10v2004-20220812-en
Behavioral task
behavioral7
Sample
12ffee3e2c5daf4019991827cefc744154de65568c9527755bd548d0740058c5.exe
Resource
win7-20220812-en
Behavioral task
behavioral8
Sample
12ffee3e2c5daf4019991827cefc744154de65568c9527755bd548d0740058c5.exe
Resource
win10v2004-20220812-en
Behavioral task
behavioral9
Sample
1449f8a93c3bf1bf34091945ecce2da9e7e71b8cc7235309e37031edc801303a.exe
Resource
win7-20220901-en
Behavioral task
behavioral10
Sample
1449f8a93c3bf1bf34091945ecce2da9e7e71b8cc7235309e37031edc801303a.exe
Resource
win10v2004-20220812-en
Behavioral task
behavioral11
Sample
1463bbb2a82fb27ad4b86489b2910a8ec9c1a29cf19aaaa0da37b9217f674513.exe
Resource
win7-20220812-en
Behavioral task
behavioral12
Sample
1463bbb2a82fb27ad4b86489b2910a8ec9c1a29cf19aaaa0da37b9217f674513.exe
Resource
win10v2004-20220812-en
Behavioral task
behavioral13
Sample
148b25ad23097ace1d616a362c65706e63e392133cdda5495aaa3b70e6064ffa.exe
Resource
win7-20220901-en
Behavioral task
behavioral14
Sample
148b25ad23097ace1d616a362c65706e63e392133cdda5495aaa3b70e6064ffa.exe
Resource
win10v2004-20220812-en
Behavioral task
behavioral15
Sample
1fe05e5f8237f2c9c6b079eaf4f1e21aea96b1a092a66bf3ab9633a59c50c6ec.exe
Resource
win7-20220812-en
Behavioral task
behavioral16
Sample
1fe05e5f8237f2c9c6b079eaf4f1e21aea96b1a092a66bf3ab9633a59c50c6ec.exe
Resource
win10v2004-20220901-en
Behavioral task
behavioral17
Sample
2a12cf13b7145e1ddb3cc6b36b0716ee3563f35ba5544b1c127fb553f0a2108c.exe
Resource
win7-20220812-en
Behavioral task
behavioral18
Sample
2a12cf13b7145e1ddb3cc6b36b0716ee3563f35ba5544b1c127fb553f0a2108c.exe
Resource
win10v2004-20220812-en
Behavioral task
behavioral19
Sample
2aaa916d56cfe95abb65fbc222bfdfa2b16a3ffb6660c1bdc211004302a1aef3.exe
Resource
win7-20220812-en
Behavioral task
behavioral20
Sample
2aaa916d56cfe95abb65fbc222bfdfa2b16a3ffb6660c1bdc211004302a1aef3.exe
Resource
win10v2004-20220901-en
Behavioral task
behavioral21
Sample
2b247f89f132b4674e69a4403e715f7eb951278e77bdb9a9f62605d21b6df2d0.exe
Resource
win7-20220812-en
Behavioral task
behavioral22
Sample
2b247f89f132b4674e69a4403e715f7eb951278e77bdb9a9f62605d21b6df2d0.exe
Resource
win10v2004-20220812-en
Behavioral task
behavioral23
Sample
3757406d4b995a2a6e9f5b12a5ce317b84425b3534065a39705f49a5bdc0d4a9.exe
Resource
win7-20220812-en
Behavioral task
behavioral24
Sample
3757406d4b995a2a6e9f5b12a5ce317b84425b3534065a39705f49a5bdc0d4a9.exe
Resource
win10v2004-20220901-en
Behavioral task
behavioral25
Sample
39828c100cf2134d3cc8f57a9c5eb40c1206a5a339f3c60aba202eb8bf1420f5.exe
Resource
win7-20220812-en
Behavioral task
behavioral26
Sample
39828c100cf2134d3cc8f57a9c5eb40c1206a5a339f3c60aba202eb8bf1420f5.exe
Resource
win10v2004-20220812-en
Behavioral task
behavioral27
Sample
3ac3fd9de619c934b0fad04b0384898d98cd69444da2d2bbf3bdd6a7e922fce2.exe
Resource
win7-20220901-en
Behavioral task
behavioral28
Sample
3ac3fd9de619c934b0fad04b0384898d98cd69444da2d2bbf3bdd6a7e922fce2.exe
Resource
win10v2004-20220812-en
Behavioral task
behavioral29
Sample
4c0d6edc64d4af980e7fe0d01dc66380d5f0d1b1d845080a12ec74849880783f.exe
Resource
win7-20220812-en
Behavioral task
behavioral30
Sample
4c0d6edc64d4af980e7fe0d01dc66380d5f0d1b1d845080a12ec74849880783f.exe
Resource
win10v2004-20220812-en
Behavioral task
behavioral31
Sample
4fe551bcea5e07879ec84a7f1cea1036cfd0a3b03151403542cab6bd8541f8e5.exe
Resource
win7-20220812-en
General
-
Target
2b247f89f132b4674e69a4403e715f7eb951278e77bdb9a9f62605d21b6df2d0.exe
-
Size
544KB
-
MD5
04c811dbb1cd5fa75cf421a1cd120c61
-
SHA1
3e07f85dd20e33121ac57f8c7b4f43276eda502a
-
SHA256
2b247f89f132b4674e69a4403e715f7eb951278e77bdb9a9f62605d21b6df2d0
-
SHA512
7d66d132389de918905ef5a135ef90a83e97dfad4677a159f3d39b56f35e4ccf6d40f0a0478e9b8f94446c79a71a9d8f7a6f6a812f5aa35ba8b0cd798e3c72cd
-
SSDEEP
12288:/hNBUWNS654GrKqbSI4Tss/wQyLLlZCAfRdEN5aq:9UWMxGrxeIcgvlZCAJdEr5
Malware Config
Signatures
-
Loads dropped DLL 4 IoCs
Processes:
2b247f89f132b4674e69a4403e715f7eb951278e77bdb9a9f62605d21b6df2d0.exe
pid process
1972 2b247f89f132b4674e69a4403e715f7eb951278e77bdb9a9f62605d21b6df2d0.exe
1972 2b247f89f132b4674e69a4403e715f7eb951278e77bdb9a9f62605d21b6df2d0.exe
1972 2b247f89f132b4674e69a4403e715f7eb951278e77bdb9a9f62605d21b6df2d0.exe
1972 2b247f89f132b4674e69a4403e715f7eb951278e77bdb9a9f62605d21b6df2d0.exe
-
Enumerates physical storage devices 1 TTPs
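Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour. This signature is a heuristic that fires on drive enumeration alone, which installers and disk utilities also perform; corroborate it with file-modification, shadow-copy deletion or ransom-note indicators before classifying the sample as ransomware.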
Processes
Network
MITRE ATT&CK Enterprise v6
Downloads
-
Filesize
19KB
MD5 6cea6371a970b2646ff63be4b3f282a9
SHA1 3c9f44f5027f988e9b350c003911551b48c8c5cb
SHA256 7792ec631895511cb454c8d8ed13754641558878ea615a7fb3dffdec8f9f1b33
SHA512 54dcb84901734a405d9c88b2ab81e24972bde995807188b63046721277dcef41cfd6d39b58565b6cecad2442876050f589b9d4ff69f027624546683b90563f97
-
Filesize
19KB
MD5 6cea6371a970b2646ff63be4b3f282a9
SHA1 3c9f44f5027f988e9b350c003911551b48c8c5cb
SHA256 7792ec631895511cb454c8d8ed13754641558878ea615a7fb3dffdec8f9f1b33
SHA512 54dcb84901734a405d9c88b2ab81e24972bde995807188b63046721277dcef41cfd6d39b58565b6cecad2442876050f589b9d4ff69f027624546683b90563f97
-
Filesize
11KB
MD5 d543257e01e76a856ef800564a9414df
SHA1 28750db391621008f570e1a4d5350219b3cfbba8
SHA256 d74149b7c010fb71f8e341e89837f072e29e1c352c2895da4207aa0e440c5423
SHA512 9e9bbf15780458c9421ec840dd5e129b5c8f52245a0d748fbab077db60d323dfed38eda3c08ff60aaf95ad32c10608b76b395558ee39623f99ecb5ceb8e64ff4
-
Filesize
4KB
MD5 3200e5e32e04bcd5c6de46c1e9d3f713
SHA1 ea00f63a135575dd6f7e122092a75d484f157006
SHA256 e8a18f997fa73793d228b34546e2ca723fccec4dc1e2f72b756bd6497c4cb4a1
SHA512 e4ef1f14eb898d0466efd741a2a4c64ad0436908817448e0208d77cfbf48a7044cc9c874d50b52e119409134765f3938a0b88ebdce4dbe053e00b2c63c56b8c5