Analysis
max time kernel: 91s
max time network: 146s
platform: windows10-2004_x64
resource: win10v2004-20220812-en
resource tags: arch:x64, arch:x86, image:win10v2004-20220812-en, locale:en-us, os:windows10-2004-x64, system
submitted: 31/10/2022, 22:06
Static task: static1
Behavioral task: behavioral1
  Sample: 4f2d4a8bb5af50664e95b4dbe2b0f8c8d6810db7ca890148408e924548baa4fe.exe
  Resource: win7-20220901-en
Behavioral task: behavioral2
  Sample: 4f2d4a8bb5af50664e95b4dbe2b0f8c8d6810db7ca890148408e924548baa4fe.exe
  Resource: win10v2004-20220812-en
General
Target: 4f2d4a8bb5af50664e95b4dbe2b0f8c8d6810db7ca890148408e924548baa4fe.exe
Size: 5.3MB
MD5: 197f2b7228d5ef1227e05e108839a0a3
SHA1: 545230985f580ca9f3aeb9e258e02bffb85496a3
SHA256: 4f2d4a8bb5af50664e95b4dbe2b0f8c8d6810db7ca890148408e924548baa4fe
SHA512: eae0fc23c10a8971c12fd7d9271ceb619ef4dbb23a3bdcbeb75c69af7da8018a998d6ab118bbed8b3fef7a302479470ad475b1a87f45cab84f86666fd96f6caa
SSDEEP: 98304:1JzzSsuoNM17IdkuHbqYnUt8qpjAoKa3BudIs0Op9pn4Mgtx2wb1D:HNusKGeYnbja3BudIJOpT4Wg1D
Malware Config
Signatures
Loads dropped DLL (2 IoCs)
  pid   Process
  4824  4f2d4a8bb5af50664e95b4dbe2b0f8c8d6810db7ca890148408e924548baa4fe.exe
  4824  4f2d4a8bb5af50664e95b4dbe2b0f8c8d6810db7ca890148408e924548baa4fe.exe
Enumerates physical storage devices (1 TTPs)
  Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
Processes
Network
MITRE ATT&CK Enterprise v6
Downloads
Dropped file 1
  Filesize: 12KB
  MD5: d61d6c709e7947296603059f8bedeba9
  SHA1: bdcfc90c358c82be43ef85727a7bdfebbd6d1b69
  SHA256: 65012a46603b7e13807938e2a61f3c2a60cced3fb3187dfab3e391705e2c3f63
  SHA512: ed5a6efd1dd5e2119a9c523b9f9154e13552b3538bf72f4b8b02d6a9c808c3ae2ba7613d9e2b3395237461703f2da0a1482a52727ffcf6fc967552390dab0f2b
Dropped file 2
  Filesize: 5KB
  MD5: 8be27f3bdec2b49d0a6a674716622304
  SHA1: 70d17db576ed484a4c0195571118d307fd4dc1b9
  SHA256: 4fe0a8391574867d8bdc6fb33555d90e02796563f02d1e6536acc3294a85bd47
  SHA512: add9f37dd0d7a27f19d172c82599a79d049385c12cdfb78745ce2b0685ecea8f85c718bd62ecd671bbed949529429500853534b63226809e707ad3745a8fc801