Analysis

  • max time kernel
    91s
  • max time network
    154s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20220812-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    06/11/2022, 20:02 UTC

General

  • Target

    95adea9480e955c634d3c54bf5d657066d72fcfc8653a50d4f150e4243079c10.exe

  • Size

    64KB

  • MD5

    e166fce26f771499bab1df406c699824

  • SHA1

    ed837a6de4488c48caa6b42c5c4ab71406d86d46

  • SHA256

    95adea9480e955c634d3c54bf5d657066d72fcfc8653a50d4f150e4243079c10

  • SHA512

    982fc875a992b875e1271338af2e8e0493113f26a3f30fe80b84a57c07b4e6033dd1a70f9908f46d31e04cdc1450d5168d2ea60adedfce4519f474fb30788edd

  • SSDEEP

    768:/t39pEcCoc7z9e/Zd58gwgHR8XC853+Y3mtJ4:/t3nly0/hPHq53wr4

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices (1 TTPs)

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

  • Suspicious use of SetWindowsHookEx (3 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\95adea9480e955c634d3c54bf5d657066d72fcfc8653a50d4f150e4243079c10.exe
    "C:\Users\Admin\AppData\Local\Temp\95adea9480e955c634d3c54bf5d657066d72fcfc8653a50d4f150e4243079c10.exe"
    • Suspicious use of SetWindowsHookEx
    PID:4416

Network

  • 104.80.225.205:443
    322 B
    7
  • 13.69.109.130:443
    322 B
    7
  • 178.79.208.1:80
    322 B
    7
  • 178.79.208.1:80
    322 B
    7
  • 178.79.208.1:80
    322 B
    7

MITRE ATT&CK Enterprise v6
