Overview

overview

3

Static

static

5f1471be9b...61.exe

windows7-x64

3

5f1471be9b...61.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    136s
  • max time network
    44s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    19-09-2022 21:26

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5f1471be9ba09313b0cecbf8fcb0be4c1ee6af453c2f63ebb4ca8bc5c96c0961.exe

  • Size

    2.5MB

  • MD5

    39ce4650f43a092c688e4b8c3825014f

  • SHA1

    fe06e59de3eefb07f97218dc47be2bcbe0595ded

  • SHA256

    5f1471be9ba09313b0cecbf8fcb0be4c1ee6af453c2f63ebb4ca8bc5c96c0961

  • SHA512

    46aaf800392efe144fd84c739e0e5b08d4de197fc3339f35aeadac9e7ceb2e261da2284dd899d0f8cb78920d7696b7b62da3526ca516ae6aa9430ea121956dcc

  • SSDEEP

    24576:Uelo5jh+9b8SL1lAdL5+FPI3YqOcHQSFablTmVf6xquGjHneFUJfKRiGi30ApoJJ:Bl+h+1qs0Y/BTmluGjHnevRjiEioKBPk

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\5f1471be9ba09313b0cecbf8fcb0be4c1ee6af453c2f63ebb4ca8bc5c96c0961.exe
    "C:\Users\Admin\AppData\Local\Temp\5f1471be9ba09313b0cecbf8fcb0be4c1ee6af453c2f63ebb4ca8bc5c96c0961.exe"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    PID:112

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/112-54-0x0000000074C11000-0x0000000074C13000-memory.dmp

    Filesize

    8KB

    Download