Analysis
-
max time kernel
3s -
max time network
33s -
platform
windows7_x64 -
resource
win7-20221111-en -
resource tags
-
submitted
23-11-2022 15:49
General
-
Target
d3a786fbd7b5fb939030d6b450258f19fed1986505436825136696059f0ea360.exe
-
Size
30.7MB
-
MD5
ab2105c06304b45e089384fbccfe22c2
-
SHA1
331d6ca81fdd6409c10f01e1f58fede2ff4ee29c
-
SHA256
d3a786fbd7b5fb939030d6b450258f19fed1986505436825136696059f0ea360
-
SHA512
9ba983974452ef3fb6a596cddf174a7e66bf8f0fbdf88f1410b309b43fbce543aa6650b3875ef5740c0135703a3f6f8e608ab68415cd85845e1505f92511d812
-
SSDEEP
786432:qPA25MxP93dxXJBx7lzZv5Cn0PtY0hJ6rYMaA2m:ZP9Zlz3ntCjaA2m
Malware Config
Signatures
-
Loads dropped DLL 1 IoCs
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
Processes
-
C:\Users\Admin\AppData\Local\Temp\d3a786fbd7b5fb939030d6b450258f19fed1986505436825136696059f0ea360.exe"C:\Users\Admin\AppData\Local\Temp\d3a786fbd7b5fb939030d6b450258f19fed1986505436825136696059f0ea360.exe"1⤵
- Loads dropped DLL
Network
MITRE ATT&CK Enterprise v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
\Users\Admin\AppData\Local\Temp\nstE014.tmp\InstallOptions.dllFilesize
14KB
MD5325b008aec81e5aaa57096f05d4212b5
SHA127a2d89747a20305b6518438eff5b9f57f7df5c3
SHA256c9cd5c9609e70005926ae5171726a4142ffbcccc771d307efcd195dafc1e6b4b
SHA51218362b3aee529a27e85cc087627ecf6e2d21196d725f499c4a185cb3a380999f43ff1833a8ebec3f5ba1d3a113ef83185770e663854121f2d8b885790115afdf
-
memory/1220-54-0x0000000074C41000-0x0000000074C43000-memory.dmpFilesize
8KB