Analysis

  • max time kernel
    100s
  • max time network
    165s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags
    arch:x64, arch:x86, image:win10v2004-20220812-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    11/10/2022, 21:20

General

  • Target

    fefe311ad4ec941771f92b995ce0b056a39d7de66441183b50c49d36f5be33a9.exe

  • Size

    902KB

  • MD5

    67614dd90f46d12cdeceb0f999f5f4a0

  • SHA1

    4354755e5da32d4286321b28d108a5ff5478db1b

  • SHA256

    fefe311ad4ec941771f92b995ce0b056a39d7de66441183b50c49d36f5be33a9

  • SHA512

    c666a411574a7968cb84fb3d86416f883a23b3648060aaf304a079bd0d25ad34bda517a06d7ff86ce1a5cc9373bff8f3bff800f3ec59764f2eea8be011049d68

  • SSDEEP

    12288:j6SKqT31T6WpJY6V765jKqostkm3hbpyrDJo3u:WxqT31T6WE6I5jKqosOmRbpO2u

Score
8/10
upx

Malware Config

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • AutoIT Executable 2 IoCs

    AutoIT scripts compiled to PE executables.

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

Processes

  • C:\Users\Admin\AppData\Local\Temp\fefe311ad4ec941771f92b995ce0b056a39d7de66441183b50c49d36f5be33a9.exe
    "C:\Users\Admin\AppData\Local\Temp\fefe311ad4ec941771f92b995ce0b056a39d7de66441183b50c49d36f5be33a9.exe"
    1⤵
      PID:4736

Network

MITRE ATT&CK Enterprise v6


Downloads

  • memory/4736-132-0x0000000000400000-0x00000000004CB000-memory.dmp
    Filesize
    812KB

  • memory/4736-133-0x0000000000400000-0x00000000004CB000-memory.dmp
    Filesize
    812KB