Analysis
max time kernel
133s
max time network
31s
platform
windows7_x64
resource
win7-20221111-en
resource tags
arch:x64, arch:x86, image:win7-20221111-en, locale:en-us, os:windows7-x64, system
submitted
24-11-2022 08:13
Static task
static1
Behavioral task
behavioral1
Sample
67b8a29559887d9763f604c1eacda0744fe0b7e1972be950ef851a0c1f99ea70.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
67b8a29559887d9763f604c1eacda0744fe0b7e1972be950ef851a0c1f99ea70.exe
Resource
win10v2004-20221111-en
General
Target
67b8a29559887d9763f604c1eacda0744fe0b7e1972be950ef851a0c1f99ea70.exe
Size
732KB
MD5
9fa89778c2778d4ddb265989d434a928
SHA1
fd00fabeef1bf028d87ddc597d4ea490cbc01111
SHA256
67b8a29559887d9763f604c1eacda0744fe0b7e1972be950ef851a0c1f99ea70
SHA512
b4921b9d21ecfb03977ec5c6688211ac3cd39c133d82e07cb01393df7e54d213b5e0eadc42e317fcd006c0c2f19dec0153f2631d49de03d273f7c7bdcaffa864
SSDEEP
12288:P75ne7gs5nDBLxkYgNujJpnmoroSnPFSYN7iy/y5d/Z8FEqEHiioj4FE9/uKsNQ:1mFn5xkYgUf9roSPzN24y/Z8WDHVoj4Q
Malware Config
Signatures
Loads dropped DLL (1 IoC)
Processes:
pid 960, process 67b8a29559887d9763f604c1eacda0744fe0b7e1972be950ef851a0c1f99ea70.exe
Enumerates physical storage devices (1 TTP)
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
Suspicious behavior: GetForegroundWindowSpam (1 IoC)
Processes:
pid 960, process 67b8a29559887d9763f604c1eacda0744fe0b7e1972be950ef851a0c1f99ea70.exe
Processes
Network
MITRE ATT&CK Enterprise v6
Downloads
Filesize
14KB
MD5
325b008aec81e5aaa57096f05d4212b5
SHA1
27a2d89747a20305b6518438eff5b9f57f7df5c3
SHA256
c9cd5c9609e70005926ae5171726a4142ffbcccc771d307efcd195dafc1e6b4b
SHA512
18362b3aee529a27e85cc087627ecf6e2d21196d725f499c4a185cb3a380999f43ff1833a8ebec3f5ba1d3a113ef83185770e663854121f2d8b885790115afdf