Overview

overview

3

Static

static

Trojan-Ran...er.exe

windows7-x64

1

Trojan-Ran...er.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    92s
  • max time network
    157s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    06-11-2022 17:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Trojan-Ransom.Win32.Blocker.exe

  • Size

    213KB

  • MD5

    2e2a2862c9f091d02154c1925e34d764

  • SHA1

    ff7cd582d8ebc61a523c5197f1c164c55886b8df

  • SHA256

    d922c53c1f7e13488c1fee2c2e4a6f5b1f946df15ae8ee079e5b8b500e2eb52d

  • SHA512

    0d31d4210aaeadd7a97e728972182b51142cb93bb3be90c97e477e540b8157f82cae62e1be524f8b4585cb48d618a03f06c69f93f4b2ae8025efda42720cf208

  • SSDEEP

    6144:YIVaMj0lvXNsMOagpfp01H1wUwD2odoJdX5OR3:YIVbwrOv1nU5dJdC

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Trojan-Ransom.Win32.Blocker.exe
    "C:\Users\Admin\AppData\Local\Temp\Trojan-Ransom.Win32.Blocker.exe"
    1⤵
      PID:4604
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 4604 -s 452
        2⤵
        • Program crash
        PID:1584
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 4604 -ip 4604
      1⤵
        PID:5072

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads