Overview

overview

10

Static

static

416/0e055e...59.exe

windows7-x64

1

416/0e055e...59.exe

windows10-2004-x64

1

416/1192e5...71.exe

windows7-x64

5

416/1192e5...71.exe

windows10-2004-x64

5

416/442068...71.exe

windows7-x64

10

416/442068...71.exe

windows10-2004-x64

10

416/444471...1e.exe

windows7-x64

1

416/444471...1e.exe

windows10-2004-x64

1

416/57b3e3...ad.exe

windows7-x64

6

416/57b3e3...ad.exe

windows10-2004-x64

6

416/83111a...a8.exe

windows7-x64

1

416/83111a...a8.exe

windows10-2004-x64

1

416/9fb365...0d.exe

windows7-x64

3

416/9fb365...0d.exe

windows10-2004-x64

3

416/b0118d...94.exe

windows7-x64

1

416/b0118d...94.exe

windows10-2004-x64

1

416/c30afd...35.exe

windows7-x64

3

416/c30afd...35.exe

windows10-2004-x64

3

416/d7175f...6d.exe

windows7-x64

1

416/d7175f...6d.exe

windows10-2004-x64

1

416/e8b275...bb.exe

windows7-x64

3

416/e8b275...bb.exe

windows10-2004-x64

3

416/ed8b3b...0a.exe

windows7-x64

1

416/ed8b3b...0a.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    45s
  • max time network
    49s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    12-11-2022 03:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    416/1192e513c036fa5b640ccf1796790b03341fa50e6b20254e75f534d35e846a71.exe

  • Size

    158KB

  • MD5

    5a9d9ebc2f4122053702b6ba7f205a4f

  • SHA1

    b30c4f46a1bc8db7f50ba937cc9e495ee14946df

  • SHA256

    1192e513c036fa5b640ccf1796790b03341fa50e6b20254e75f534d35e846a71

  • SHA512

    f3d0c12db709bd0c11ec369736fecf4f3db8d898e58189a3d47c8d42d6f43d1d9dab2694fec28a63a42c2dd1395b55a2eb0de011ecc64e6e0082f4ee02d59d1a

  • SSDEEP

    3072:z2HGK/3NhIXAH9G4s1OYTesnOB6O8cElJib+Ku2rqpZHXME0fqY:z2HGK/3IXg927TeWOB6O8cEm22sZHXrv

Score
5/10
ransomware

Malware Config

Signatures

  • Sets desktop wallpaper using registry 2 TTPs 2 IoCs
    ransomware

Processes

  • C:\Users\Admin\AppData\Local\Temp\416\1192e513c036fa5b640ccf1796790b03341fa50e6b20254e75f534d35e846a71.exe
    "C:\Users\Admin\AppData\Local\Temp\416\1192e513c036fa5b640ccf1796790b03341fa50e6b20254e75f534d35e846a71.exe"
    1⤵
    • Sets desktop wallpaper using registry
    PID:1996

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Defacement

1
T1491

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1996-54-0x0000000000BE0000-0x0000000000C0E000-memory.dmp
    Filesize

    184KB

    Download