Analysis
-
max time kernel
150s -
max time network
158s -
platform
windows7_x64 -
resource
win7-20220812-en -
resource tags
-
submitted
22-10-2022 14:38
General
-
Target
0eb58b723318b8746280abd3d278a6325deba933c67d41cf638aa89244d6c3c7.exe
-
Size
2.1MB
-
MD5
f0c0bd9f2464a22b26cd1e59f061c301
-
SHA1
9f4af038778fd91eb409c774c88325d23cf48c26
-
SHA256
0eb58b723318b8746280abd3d278a6325deba933c67d41cf638aa89244d6c3c7
-
SHA512
090872ec9db441be82172fe4b093ec0f6b55183341fea747e8ea66591aa81422e69d2b5d227369b22f7088a7d9d8eeb0fdd0d4818072372032425d2c321e0748
-
SSDEEP
24576:lJ/Q7WLg9oER9uXtIkOrGoJHcuA2yZdwMrl9Je:d
Score
3/10
Malware Config
Signatures
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\0eb58b723318b8746280abd3d278a6325deba933c67d41cf638aa89244d6c3c7.exe"C:\Users\Admin\AppData\Local\Temp\0eb58b723318b8746280abd3d278a6325deba933c67d41cf638aa89244d6c3c7.exe"1⤵
- Suspicious use of AdjustPrivilegeToken
Network
MITRE ATT&CK Matrix ATT&CK v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/576-54-0x0000000000920000-0x0000000000B4A000-memory.dmpFilesize
2.2MB
-
memory/576-55-0x0000000000550000-0x00000000005C8000-memory.dmpFilesize
480KB
-
memory/576-56-0x000000001B1E0000-0x000000001B286000-memory.dmpFilesize
664KB
-
memory/576-57-0x00000000003F0000-0x000000000043E000-memory.dmpFilesize
312KB
-
memory/576-58-0x00000000020F0000-0x000000000213C000-memory.dmpFilesize
304KB