fc483e0eb946a51fa42f4516201b9f20c296459d784fd0c7443b457f99bfbcda | Triage

Submit
Reports

Overview

overview

3

Static

static

fc483e0eb9...da.exe

windows7-x64

3

fc483e0eb9...da.exe

windows10-2004-x64

1

Analysis

max time kernel
12s
max time network
70s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
29/10/2022, 05:32

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

fc483e0eb946a51fa42f4516201b9f20c296459d784fd0c7443b457f99bfbcda.exe

Resource

win7-20220812-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

fc483e0eb946a51fa42f4516201b9f20c296459d784fd0c7443b457f99bfbcda.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

Report Analysis Logs

General

Target

fc483e0eb946a51fa42f4516201b9f20c296459d784fd0c7443b457f99bfbcda.exe
Size

222KB
MD5

f5077fb91f6477422db32a5df8ab146d
SHA1

7220bf9bc75151d003efa051e0167222528d2ca3
SHA256

fc483e0eb946a51fa42f4516201b9f20c296459d784fd0c7443b457f99bfbcda
SHA512

67ed25cd3738d6ea78cf6c449c6881a6e776fb0642c49a7157c822db6a79b3a21650abb6f702e38901f69e1bfec34dc78c130625d9cc06cbb0921dbe8ef93bfe
SSDEEP

6144:QnVzvK6qkMMx6LkAmEp6RHPPBPvennns7JI2yv:ovKMzAmEMV17Jfyv

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

Processes

C:\Users\Admin\AppData\Local\Temp\fc483e0eb946a51fa42f4516201b9f20c296459d784fd0c7443b457f99bfbcda.exe
"C:\Users\Admin\AppData\Local\Temp\fc483e0eb946a51fa42f4516201b9f20c296459d784fd0c7443b457f99bfbcda.exe"
1⤵
PID:1108
- C:\Users\Admin\AppData\Local\Temp\85a2.exe
  "C:\Users\Admin\AppData\Local\Temp\85a2.exe" "C:\Users\Admin\AppData\Local\Temp\fc483e0eb946a51fa42f4516201b9f20c296459d784fd0c7443b457f99bfbcda.exe"
  2⤵
  PID:968

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\85a2.exe

Filesize
34KB

MD5
844a1c99291a67618dd622cbc9ee2bcc

SHA1
2b5da5acbab322c3a1fb196609f7a1b7d36fdcf0

SHA256
0efa58239b2744260c6c30912cd0e40ddedca073409468e256217a3f3808169a

SHA512
761cd9702201a1d080e85d91d4e8335c2b36730cd460b3ab55936e90db6a908bb7349d1935ee05ec2e018b02e3db2b081233ff4538b8a1d0bf39a1c409dd5f2d

Download Submit
\Users\Admin\AppData\Local\Temp\85a2.exe

Filesize
13KB

MD5
d4671f116194b9125bf063f4f81b5a1b

SHA1
419f2ef1b65abe4c3cf2400222f69b8aa80d1d6c

SHA256
77b0909be09b787f1c098592d9a47e605d220bd0d3bfe1f4791a84c79b902b97

SHA512
d42a3cc5d7350023b4bab12913ac6d7ffd16d9bdddfb8d47e9f0beb5c7ac09fdc0c81f05bb2331c7294a6d1f86bbc6aebfac847fa7ca54e05f200a7b3f345298

Download Submit
\Users\Admin\AppData\Local\Temp\85a2.exe

Filesize
47KB

MD5
f6a5b8255c0527dba9c0d19e8c49e00f

SHA1
b10feb3dfc709eb7d86e0f38f0eaa9f497327b52

SHA256
fe4b05d1967685721add9617762b229f3edd1c6db41050b1ba4a14777dd99367

SHA512
be710bf1784ac99fc7816ab24585272fdbf393ffc41a48f744a1b0e9d9a99441d4a9fee25c3c53ecc60bbcc08102b116864645164263fddc9e273eb514db48c4

Download Submit
memory/1108-54-0x0000000075771000-0x0000000075773000-memory.dmp

Filesize
8KB

Download

© 2018-2025

Terms | Privacy