Analysis

  • max time kernel
    71s
  • max time network
    88s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64, arch:x86, image:win7-20220812-en, locale:en-us, os:windows7-x64, system
  • submitted
    07/11/2022, 19:07

General

  • Target

    20c7d67ad2ae683893771d8aca57cd2423c6c886167952241aaf17bdca0f84ed.exe

  • Size

    44KB

  • MD5

    03de59e4c4184cde1c8ec81fe9c864f8

  • SHA1

    2e9cc477cac464fb82df10526160e53f6f9eb2f4

  • SHA256

    20c7d67ad2ae683893771d8aca57cd2423c6c886167952241aaf17bdca0f84ed

  • SHA512

    6c55da92288d4aab77bb05fa91de4cf9c7811b99e7b65e56cd147f543ed7e74aa8d3d2fa9d1df515c275aa1f7e6c4a11e30391110ed5185f35effc509a4fed76

  • SSDEEP

    768:+HHrctAHqtK1wRnDCDc7Wk5r32vG7D39ncejcGL/:+C+wEoqGCGZcGD

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\20c7d67ad2ae683893771d8aca57cd2423c6c886167952241aaf17bdca0f84ed.exe
    "C:\Users\Admin\AppData\Local\Temp\20c7d67ad2ae683893771d8aca57cd2423c6c886167952241aaf17bdca0f84ed.exe"
    • Suspicious use of SetWindowsHookEx
    PID:1728

Network

        MITRE ATT&CK Enterprise v6

        Downloads

        • memory/1728-56-0x0000000075931000-0x0000000075933000-memory.dmp

          Filesize

          8KB