Overview

overview

7

Static

static

1

d758c0f98d...a7.exe

windows7-x64

7

d758c0f98d...a7.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    39s
  • max time network
    42s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    01/11/2022, 05:18

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    d758c0f98d0e3b9cf9c509b55c0f96a7.exe

  • Size

    1.1MB

  • MD5

    d758c0f98d0e3b9cf9c509b55c0f96a7

  • SHA1

    041e6f223b04e29fbe4bc4cc751a816973a357d2

  • SHA256

    10aaa5a98f42fe86a936a4325fa6785cfe2a878a9cf0ed137ef638e177ffc454

  • SHA512

    c53e5afb61dfc1805cc761eb87926912e29b49912c8fdc2dff82a0d5dcb900c350e5a12f52ddf5ec4b217fbfcd4e57d9ff97b1c953c9691b49210514f8e2128c

  • SSDEEP

    24576:6C5/0EHhKK4fc/XLOiXMLAYJNzfj9xdZwHeRfAfPdaUtI:xgK4MXLOxMINz5k0OPdaUK

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 2 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

Processes

  • C:\Users\Admin\AppData\Local\Temp\d758c0f98d0e3b9cf9c509b55c0f96a7.exe
    "C:\Users\Admin\AppData\Local\Temp\d758c0f98d0e3b9cf9c509b55c0f96a7.exe"
    1⤵
    • Loads dropped DLL
    PID:944

Network

        MITRE ATT&CK Enterprise v6

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • \Users\Admin\AppData\Local\Temp\nsy2741.tmp\nsUnzip.dll
          Filesize

          146KB

          MD5

          77a26c23948070dc012bba65e7f390aa

          SHA1

          7e112775770f9b3b24e2a238b5f7c66f8802e5d8

          SHA256

          4e4e429ecf1c49119a21c817899f64152b03b41b036fc1d92aee335043364c43

          SHA512

          2e7ffa4ed5c97f555e1b0d6f55ffcfd53cd28302fc77d95fdaea89e0b6b42e67e366331e52358e78e8266d079cc2ca3ea4c909197fb38a5b4c8151c7678d0065

          Download Submit

        • \Users\Admin\AppData\Local\rc.dat
          Filesize

          1.0MB

          MD5

          1f9512b205e1c0d9cb60f28f15515614

          SHA1

          8d4f299e7f0123637ae73535c78c878dcf4027ce

          SHA256

          bba7ae62ea1fe125528c1cf1aeb8ffa288359884ca37452f1245c8a565ab923c

          SHA512

          063422d6c2ed3ccd936ae08fd46b2c65fb1e8cd0134638db24c560869799b1332273717e511dd5b5a98e0cd9e4aa75eeb8100704b88c4b1eefadfa812781b273

          Download Submit

        • memory/944-54-0x0000000075C61000-0x0000000075C63000-memory.dmp

          Filesize

          8KB

          Download

        • memory/944-58-0x0000000074F10000-0x000000007501E000-memory.dmp

          Filesize

          1.1MB

          Download

        • memory/944-57-0x0000000002790000-0x00000000033DA000-memory.dmp

          Filesize

          12.3MB

          Download

        • memory/944-61-0x0000000002860000-0x0000000002912000-memory.dmp

          Filesize

          712KB

          Download

        • memory/944-63-0x0000000074F10000-0x0000000074FFF000-memory.dmp

          Filesize

          956KB

          Download