Analysis
-
max time kernel
143s -
max time network
154s -
platform
windows10-2004_x64 -
resource
win10v2004-20221111-en -
resource tags
-
submitted
23-11-2022 07:40
General
-
Target
7ab8412ed8349876372462f8e3dc7623667091d5aea18ba2481459d242134780.exe
-
Size
1.6MB
-
MD5
3cc908eff0ff982e2aa47b289102c77e
-
SHA1
f91fba422706ce678d7aa443eca2a368cc1b638d
-
SHA256
7ab8412ed8349876372462f8e3dc7623667091d5aea18ba2481459d242134780
-
SHA512
58ae3cc7ab4487e4834e6ed077dc278adf5cca26c33757f4893c5c10e666945d18c277b0acd3c43425ffb842d94ee2899dcdc3e0605c91281261777d8cc37464
-
SSDEEP
49152:DzSVTNqmq7h4zSjNxnn3eFKR+NxUK20NElr:q3adsShFn3eEZK2mElr
Malware Config
Signatures
-
Loads dropped DLL 1 IoCs
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
Processes
-
C:\Users\Admin\AppData\Local\Temp\7ab8412ed8349876372462f8e3dc7623667091d5aea18ba2481459d242134780.exe"C:\Users\Admin\AppData\Local\Temp\7ab8412ed8349876372462f8e3dc7623667091d5aea18ba2481459d242134780.exe"1⤵
- Loads dropped DLL
Network
MITRE ATT&CK Matrix ATT&CK v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\Users\Admin\AppData\Local\Temp\nsl7E8C.tmp\InstallOptions.dllFilesize
12KB
MD51d5c649dde35003a618b9679d5d71b92
SHA10409bbab3ab34f8c01289cdd847b4d1a32d05b18
SHA2560f4d3cee24e3f310fa804983c931d3628613988a24f0be7854f63a9309b8e45f
SHA512b432ebcc52905662d61a3f17e08e209a3f9d836a9071b3b5e80070af7ebcf34cf66c44426dda041c2a258fda4787e5692e2b35acbcd73288fb84fe3c977bbfd9