Overview

overview

10

Static

static

a0cc60b4fa...0f.exe

windows7-x64

3

a0cc60b4fa...0f.exe

windows10-2004-x64

3

a69cf4fa61...7f.exe

windows7-x64

10

a69cf4fa61...7f.exe

windows10-2004-x64

10

a6dbbf3d86...75.exe

windows7-x64

7

a6dbbf3d86...75.exe

windows10-2004-x64

7

a783bb9edd...09.exe

windows7-x64

10

a783bb9edd...09.exe

windows10-2004-x64

10

ac89e5c3ba...5a.exe

windows7-x64

10

ac89e5c3ba...5a.exe

windows10-2004-x64

10

b6d4c3b56c...24.exe

windows7-x64

3

b6d4c3b56c...24.exe

windows10-2004-x64

3

b91eb833de...81.exe

windows7-x64

10

b91eb833de...81.exe

windows10-2004-x64

10

b959b003c1...74.exe

windows7-x64

10

b959b003c1...74.exe

windows10-2004-x64

10

ba8824a7c7...63.exe

windows7-x64

7

ba8824a7c7...63.exe

windows10-2004-x64

7

c0f1ebcca8...4a.exe

windows7-x64

10

c0f1ebcca8...4a.exe

windows10-2004-x64

10

c3117be60e...ea.exe

windows7-x64

10

c3117be60e...ea.exe

windows10-2004-x64

10

c492754e6c...ef.exe

windows7-x64

3

c492754e6c...ef.exe

windows10-2004-x64

3

c9cc4d95ca...cd.exe

windows7-x64

10

c9cc4d95ca...cd.exe

windows10-2004-x64

10

ca4a22ce76...20.exe

windows7-x64

10

ca4a22ce76...20.exe

windows10-2004-x64

10

cb949ebe87...26.exe

windows7-x64

10

cb949ebe87...26.exe

windows10-2004-x64

10

cbc0718c3c...99.exe

windows7-x64

10

cbc0718c3c...99.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    96s
  • max time network
    163s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220901-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
  • submitted
    05-09-2022 15:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a69cf4fa61217f8230e032089a8f56f7ebf31e4cd35124e6ad104db86851f17f.exe

  • Size

    589KB

  • MD5

    f89d5185c912436e7c2b0ff037b55b0e

  • SHA1

    14da45680aa662216e87cc7d392cae8666c56cc9

  • SHA256

    a69cf4fa61217f8230e032089a8f56f7ebf31e4cd35124e6ad104db86851f17f

  • SHA512

    726415ccbbfecd8c58de96b7782208aedabcde2e8fc0eed73b7dc4cba914b250d909cc6d95d2c164967e1cabf8e58b82f26cee1d5aafb9281b3ed6ac84702714

  • SSDEEP

    12288:ijxthLTUxMF5Np0oLwEcMTXgdlGkPHQUoGDcm32W6G1Dv2G:uh3Ueb0cwxOEvF3r6w+G

Score
10/10
blisterloader

Malware Config

Signatures

  • BLISTER

    BLISTER is a downloader used to deliver other malware families.

    loaderblister
  • Detect Blister loader x64 2 IoCs
    loader
  • Loads dropped DLL 1 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

Processes

  • C:\Users\Admin\AppData\Local\Temp\a69cf4fa61217f8230e032089a8f56f7ebf31e4cd35124e6ad104db86851f17f.exe
    "C:\Users\Admin\AppData\Local\Temp\a69cf4fa61217f8230e032089a8f56f7ebf31e4cd35124e6ad104db86851f17f.exe"
    1⤵
    • Loads dropped DLL
    PID:2948

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\wimgapi_64\wimgapi.exe
    Filesize

    791KB

    MD5

    c3fa9493f5bd07f9c506d250cfa54d4c

    SHA1

    6743bb204fc3004046ed8c7f4e8d9a921b3d568e

    SHA256

    d3d48aa32b062b6e767966a8bab354eded60e0a11be5bc5b7ad8329aa5718c76

    SHA512

    9d8114d194244da733adc69d7a9039ef44634a6eb54287ecd8bb05b98e9041bf415bcec5d1519c5894572942756994061e996e722fb97a059666f6dd46da0071

    Download Submit

  • memory/2948-133-0x00007FFC3D900000-0x00007FFC3D9CA000-memory.dmp

    Filesize

    808KB

    Download