Analysis
- max time kernel: 35s
- max time network: 46s
- platform: windows7_x64
- resource: win7-20220812-en
- resource tags: arch:x64, arch:x86, image:win7-20220812-en, locale:en-us, os:windows7-x64, system
- submitted: 05-09-2022 15:53
General
- Target: ac89e5c3ba69bb41f4bb4bb7f7af39514b5a211ec6b641d45408777b30c75c5a.exe
- Size: 572KB
- MD5: 1ef4ef71230454934d759745e1e1240d
- SHA1: 774012f2dd2f71d58b94faa83292503710eeb49c
- SHA256: ac89e5c3ba69bb41f4bb4bb7f7af39514b5a211ec6b641d45408777b30c75c5a
- SHA512: 3445eacec6afe88214aa936ace0adec541d80c216886f3c99aa1053031a5a2eb57068c5e073e720e6db17d74ab3479a1fa49eb08e9a33feb358c1180db953098
- SSDEEP: 12288:ojvtdyOr+WX4QbM9Vl9nlVgDlWkyRm30N9R:EjqAuy7ez
Malware Config
Signatures
- Detect Blister loader x64 (2 IoCs)
  resource: \Users\Admin\AppData\Local\Temp\wimgapi_64\wimgapi.dll; yara_rule: family_blister_x64
  resource: behavioral9/memory/892-56-0x000007FEF6520000-0x000007FEF65E8000-memory.dmp; yara_rule: family_blister_x64
- Loads dropped DLL (1 IoCs)
  Processes: ac89e5c3ba69bb41f4bb4bb7f7af39514b5a211ec6b641d45408777b30c75c5a.exe
  pid: 892; process: ac89e5c3ba69bb41f4bb4bb7f7af39514b5a211ec6b641d45408777b30c75c5a.exe
- Enumerates physical storage devices (1 TTPs)
  Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
Processes
Network
MITRE ATT&CK Enterprise v6
Downloads
- Filesize: 784KB
- MD5: 642aa70b188eb7e76273130246419f1d
- SHA1: 6f1ed28b7660af5bdf36b06cc47ac763a96b46b8
- SHA256: 8e6c0d338f201630b5c5ba4f1757e931bc065c49559c514658b4c2090a23e57b
- SHA512: ae485df1909fb504ea627a529d8650cd4249a9997ead8409e041302102b0eb3605c33406f1166eda7a4e3ddb8ca8bca9cf3fc0492b1606b8ac1d50842c59b312