Analysis

  • max time kernel
    175s
  • max time network
    185s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags
    arch:x64, arch:x86, image:win10v2004-20220812-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    24/11/2022, 02:44

General

  • Target

    ac0bd341173a91705968f6487b9d8d873f3fb8842f987582838b78356ed0be1f.exe

  • Size

    371KB

  • MD5

    04c1772163a14d5655d55f954cd3cc2b

  • SHA1

    e4f7efb9206dbada52f96abb3c29b6a9497910f0

  • SHA256

    ac0bd341173a91705968f6487b9d8d873f3fb8842f987582838b78356ed0be1f

  • SHA512

    60c090fde6c4ff5ff4f3f7fe454edbb32717e5675e7ce4295d3da19b8924b7dace95c327c0ff00beeadf916dc63645e5ab939d667aa9fe597867bbbc63a246f7

  • SSDEEP

    6144:pefO+fekmDO39496VIvq7qnvDbfrM9hpB2T1Ca573EdS7Y6jyIY1YJ7906oBUTG:0fO+ZmDO3Wi2/frMrZipoCTG

Score
7/10

Malware Config

Signatures

  • Drops startup file 1 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

Processes

  • C:\Users\Admin\AppData\Local\Temp\ac0bd341173a91705968f6487b9d8d873f3fb8842f987582838b78356ed0be1f.exe
    "C:\Users\Admin\AppData\Local\Temp\ac0bd341173a91705968f6487b9d8d873f3fb8842f987582838b78356ed0be1f.exe"
    1⤵
    • Drops startup file
    PID:4260

Network

        MITRE ATT&CK Enterprise v6

        Downloads

        • memory/4260-132-0x0000000003280000-0x00000000032AC000-memory.dmp

          Filesize

          176KB