Overview

overview

7

Static

static

1

67b8a29559...70.exe

windows7-x64

7

67b8a29559...70.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    133s
  • max time network
    31s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
  • submitted
    24-11-2022 08:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    67b8a29559887d9763f604c1eacda0744fe0b7e1972be950ef851a0c1f99ea70.exe

  • Size

    732KB

  • MD5

    9fa89778c2778d4ddb265989d434a928

  • SHA1

    fd00fabeef1bf028d87ddc597d4ea490cbc01111

  • SHA256

    67b8a29559887d9763f604c1eacda0744fe0b7e1972be950ef851a0c1f99ea70

  • SHA512

    b4921b9d21ecfb03977ec5c6688211ac3cd39c133d82e07cb01393df7e54d213b5e0eadc42e317fcd006c0c2f19dec0153f2631d49de03d273f7c7bdcaffa864

  • SSDEEP

    12288:P75ne7gs5nDBLxkYgNujJpnmoroSnPFSYN7iy/y5d/Z8FEqEHiioj4FE9/uKsNQ:1mFn5xkYgUf9roSPzN24y/Z8WDHVoj4Q

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\67b8a29559887d9763f604c1eacda0744fe0b7e1972be950ef851a0c1f99ea70.exe
    "C:\Users\Admin\AppData\Local\Temp\67b8a29559887d9763f604c1eacda0744fe0b7e1972be950ef851a0c1f99ea70.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    PID:960

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\nsoB8A7.tmp\InstallOptions.dll
    Filesize

    14KB

    MD5

    325b008aec81e5aaa57096f05d4212b5

    SHA1

    27a2d89747a20305b6518438eff5b9f57f7df5c3

    SHA256

    c9cd5c9609e70005926ae5171726a4142ffbcccc771d307efcd195dafc1e6b4b

    SHA512

    18362b3aee529a27e85cc087627ecf6e2d21196d725f499c4a185cb3a380999f43ff1833a8ebec3f5ba1d3a113ef83185770e663854121f2d8b885790115afdf

    Download Submit

  • memory/960-54-0x00000000753D1000-0x00000000753D3000-memory.dmp

    Filesize

    8KB

    Download