Overview

overview

10

Static

static

8

ManyCam 8 ...PT.zip

windows7-x64

1

ManyCam 8 ...PT.zip

windows10-2004-x64

1

MAYANPROPHECY.nfo

windows7-x64

1

MAYANPROPHECY.nfo

windows10-2004-x64

1

manycam.7....PT.exe

windows7-x64

7

manycam.7....PT.exe

windows10-2004-x64

7

ManyCam 8 ...PT.exe

windows7-x64

10

ManyCam 8 ...PT.exe

windows10-2004-x64

10

ManyCam 8 ...up.exe

windows7-x64

7

ManyCam 8 ...up.exe

windows10-2004-x64

7

ManyCam 8 ...me.txt

windows7-x64

1

ManyCam 8 ...me.txt

windows10-2004-x64

1

Resubmissions

08-10-2022 15:38

221008-s23p1sehf8 10

Analysis

  • max time kernel
    41s
  • max time network
    49s
  • platform
    windows7_x64
  • resource
    win7-20220901-en
  • resource tags

    arch:x64arch:x86image:win7-20220901-enlocale:en-usos:windows7-x64system
  • submitted
    08-10-2022 15:38

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ManyCam 8 Multilingual/ManyCam 8 Multilingual/ManyCam 8 Multilingual/ManyCamSetup.exe

  • Size

    92.2MB

  • MD5

    57da98671258ac3bfb1af1c182e14df8

  • SHA1

    46ee1698e072ba0363b5eca0f7d67f2e9db2c75f

  • SHA256

    9c4f384bd23df3a04bf948b271d53d3c113ee26ab978c6b411a79174d3b6e703

  • SHA512

    311f39d7feafea6eec4fabb794e30069491ccd2ccff34414ecd3477f12c2b1f08338e124ade61d5153278304d859ca365cd92a64a564307af6d50a05dcf88707

  • SSDEEP

    1572864:nNEqa8u1P0Fwz6w/dNB1ATx6Y8Z36+Th40kI4pfxtVtbIWqN1mHbev3:nZux0Fm6IP1A0Y8NnThtcpVnqXV3

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 6 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

Processes

  • C:\Users\Admin\AppData\Local\Temp\ManyCam 8 Multilingual\ManyCam 8 Multilingual\ManyCam 8 Multilingual\ManyCamSetup.exe
    "C:\Users\Admin\AppData\Local\Temp\ManyCam 8 Multilingual\ManyCam 8 Multilingual\ManyCam 8 Multilingual\ManyCamSetup.exe"
    1⤵
    • Loads dropped DLL
    PID:2032

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\nsd1D05.tmp\System.dll
    Filesize

    11KB

    MD5

    bf712f32249029466fa86756f5546950

    SHA1

    75ac4dc4808ac148ddd78f6b89a51afbd4091c2e

    SHA256

    7851cb12fa4131f1fee5de390d650ef65cac561279f1cfe70ad16cc9780210af

    SHA512

    13f69959b28416e0b8811c962a49309dca3f048a165457051a28a3eb51377dcaf99a15e86d7eee8f867a9e25ecf8c44da370ac8f530eeae7b5252eaba64b96f4

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsd1D05.tmp\System.dll
    Filesize

    11KB

    MD5

    bf712f32249029466fa86756f5546950

    SHA1

    75ac4dc4808ac148ddd78f6b89a51afbd4091c2e

    SHA256

    7851cb12fa4131f1fee5de390d650ef65cac561279f1cfe70ad16cc9780210af

    SHA512

    13f69959b28416e0b8811c962a49309dca3f048a165457051a28a3eb51377dcaf99a15e86d7eee8f867a9e25ecf8c44da370ac8f530eeae7b5252eaba64b96f4

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsd1D05.tmp\UAC.dll
    Filesize

    13KB

    MD5

    c71733d8ef33afcc99050ba2b0c56614

    SHA1

    52b5deb2fba8cdd5fa658baa59ff8d5c9fdf5c5c

    SHA256

    eb80dc6d72e39c829aa2e7370acde86b4bdcc416b65bacb970c4be9ca7928b98

    SHA512

    2332845dc5a4b38decc640c9391ad1714451dc33d39a2baf56e57879fedd71d5b487995647753272993d67c9341c5a40d5b67a2a3dacb6c809177913aeb92f67

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsd1D05.tmp\UserInfo.dll
    Filesize

    4KB

    MD5

    c7ce0e47c83525983fd2c4c9566b4aad

    SHA1

    38b7ad7bb32ffae35540fce373b8a671878dc54e

    SHA256

    6293408a5fa6d0f55f0a4d01528eb5b807ee9447a75a28b5986267475ebcd3ae

    SHA512

    ee9f23ea5210f418d4c559628bbfb3a0f892440bcd5dc4c1901cb8e510078e4481ea8353b262795076a19055e70b88e08fee5fb7e8f35a6f49022096408df20e

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsd1D05.tmp\UserInfo.dll
    Filesize

    4KB

    MD5

    c7ce0e47c83525983fd2c4c9566b4aad

    SHA1

    38b7ad7bb32ffae35540fce373b8a671878dc54e

    SHA256

    6293408a5fa6d0f55f0a4d01528eb5b807ee9447a75a28b5986267475ebcd3ae

    SHA512

    ee9f23ea5210f418d4c559628bbfb3a0f892440bcd5dc4c1901cb8e510078e4481ea8353b262795076a19055e70b88e08fee5fb7e8f35a6f49022096408df20e

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nsd1D05.tmp\nsDialogs.dll
    Filesize

    9KB

    MD5

    4ccc4a742d4423f2f0ed744fd9c81f63

    SHA1

    704f00a1acc327fd879cf75fc90d0b8f927c36bc

    SHA256

    416133dd86c0dff6b0fcaf1f46dfe97fdc85b37f90effb2d369164a8f7e13ae6

    SHA512

    790c5eb1f8b297e45054c855b66dfc18e9f3f1b1870559014dbefa3b9d5b6d33a993a9e089202e70f51a55d859b74e8605c6f633386fd9189b6f78941bf1bfdb

    Download Submit

  • memory/2032-54-0x00000000766D1000-0x00000000766D3000-memory.dmp

    Filesize

    8KB

    Download