Analysis
-
max time kernel
110s -
max time network
166s -
platform
windows10-2004_x64 -
resource
win10v2004-20220901-en -
resource tags
-
submitted
05-09-2022 15:53
General
-
Target
ac89e5c3ba69bb41f4bb4bb7f7af39514b5a211ec6b641d45408777b30c75c5a.exe
-
Size
572KB
-
MD5
1ef4ef71230454934d759745e1e1240d
-
SHA1
774012f2dd2f71d58b94faa83292503710eeb49c
-
SHA256
ac89e5c3ba69bb41f4bb4bb7f7af39514b5a211ec6b641d45408777b30c75c5a
-
SHA512
3445eacec6afe88214aa936ace0adec541d80c216886f3c99aa1053031a5a2eb57068c5e073e720e6db17d74ab3479a1fa49eb08e9a33feb358c1180db953098
-
SSDEEP
12288:ojvtdyOr+WX4QbM9Vl9nlVgDlWkyRm30N9R:EjqAuy7ez
Malware Config
Signatures
-
BLISTER
BLISTER is a downloader used to deliver other malware families.
-
Detect Blister loader x64 2 IoCs
-
Loads dropped DLL 1 IoCs
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
Processes
-
C:\Users\Admin\AppData\Local\Temp\ac89e5c3ba69bb41f4bb4bb7f7af39514b5a211ec6b641d45408777b30c75c5a.exe"C:\Users\Admin\AppData\Local\Temp\ac89e5c3ba69bb41f4bb4bb7f7af39514b5a211ec6b641d45408777b30c75c5a.exe"1⤵
- Loads dropped DLL
Network
MITRE ATT&CK Enterprise v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
784KB
MD5642aa70b188eb7e76273130246419f1d
SHA16f1ed28b7660af5bdf36b06cc47ac763a96b46b8
SHA2568e6c0d338f201630b5c5ba4f1757e931bc065c49559c514658b4c2090a23e57b
SHA512ae485df1909fb504ea627a529d8650cd4249a9997ead8409e041302102b0eb3605c33406f1166eda7a4e3ddb8ca8bca9cf3fc0492b1606b8ac1d50842c59b312
-
Filesize
800KB