Analysis

  • max time kernel
    42s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64, arch:x86, image:win7-20220812-en, locale:en-us, os:windows7-x64, system
  • submitted
    25/11/2022, 15:49

General

  • Target

    375dd75518cff9dc7100c611a274da62b05a3ad70a1a82ee3491c1b091c179ce.exe

  • Size

    4.3MB

  • MD5

    fb7650b651dc5102a9f03b619024b9c2

  • SHA1

    e3958614ccb079c5f1cae940e23ed160620b74c2

  • SHA256

    375dd75518cff9dc7100c611a274da62b05a3ad70a1a82ee3491c1b091c179ce

  • SHA512

    73bdaf692fe58aa117013876daa67feaba788ecb3104a258cab77239212cfeff133358448cfc07b337c1cacab5b8dfa7ddf9da9ac50a2809bd945160e1926eb2

  • SSDEEP

    98304:o9MpHhvYzprr/vBHijXUMgBZwcU9hbkBjL2mGTO2+72AeqL//H3:9pHh2nnQpgBZwv9xSky2+77/H3

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\375dd75518cff9dc7100c611a274da62b05a3ad70a1a82ee3491c1b091c179ce.exe
    "C:\Users\Admin\AppData\Local\Temp\375dd75518cff9dc7100c611a274da62b05a3ad70a1a82ee3491c1b091c179ce.exe"
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:1076

Network

MITRE ATT&CK Enterprise v6

Downloads

  • memory/1076-54-0x0000000075C51000-0x0000000075C53000-memory.dmp

    Filesize

    8KB