Analysis
max time kernel: 175s
max time network: 220s
platform: windows10-2004_x64
resource: win10v2004-20221111-en
resource tags: arch:x64, arch:x86, image:win10v2004-20221111-en, locale:en-us, os:windows10-2004-x64, system
submitted: 24/11/2022, 06:38
Static task: static1
Behavioral task: behavioral1
Sample: c927d85eebf5b8a090ce983ed9962a7e2b4577f9381e27ee6c3fe10ddba67ce9.exe
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: c927d85eebf5b8a090ce983ed9962a7e2b4577f9381e27ee6c3fe10ddba67ce9.exe
Resource: win10v2004-20221111-en
General
Target: c927d85eebf5b8a090ce983ed9962a7e2b4577f9381e27ee6c3fe10ddba67ce9.exe
Size: 5.9MB
MD5: 7d542d59c4ea47eecea5cfbd8d3ee2c8
SHA1: 950d99171009bd012b0db253ea2ef692db1b36c3
SHA256: c927d85eebf5b8a090ce983ed9962a7e2b4577f9381e27ee6c3fe10ddba67ce9
SHA512: fa7eb522020d6ce7ecd0b5f09098964e1c55162857f5ba1e68789d70d5e1bec5b32c4c00b2c58f708893a3cf92b72408178d8fbb1fd44f8dd182bf5b195b8d2c
SSDEEP: 49152:savtSSD7zXqbUa1sWO0j4/6TYTbjjDOT+rSmnt2KOwZk86cOyec8ymBrYevi:sqa1VOky++rFnoKOwSFcO1c8tJYeq
Malware Config
Signatures
Loads dropped DLL (1 IoC)
pid 3508, process c927d85eebf5b8a090ce983ed9962a7e2b4577f9381e27ee6c3fe10ddba67ce9.exe
Enumerates physical storage devices (1 TTP)
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
Suspicious use of SetWindowsHookEx (2 IoCs)
pid 3508, process c927d85eebf5b8a090ce983ed9962a7e2b4577f9381e27ee6c3fe10ddba67ce9.exe
pid 3508, process c927d85eebf5b8a090ce983ed9962a7e2b4577f9381e27ee6c3fe10ddba67ce9.exe
Processes
Network
MITRE ATT&CK Enterprise v6
Downloads
Filesize: 278KB
MD5: 17bddadca7044cc7b8406f1ca45210df
SHA1: d74c5236542f4ddbb50cd113dedcd05aa9861ca9
SHA256: 4406dc1789f1ebdbfebb7796719d21dcce2250f3a0a07f204cfd0b4f93725f6c
SHA512: 1abf4e41912e18b77f7e0ea7ce98e0a5760a554cf79c78dd8ccaf04589fc02579b0fbb5a822acf2d098c2362b778821b1e5e870a55cba5834566a723c0716d50