Overview

overview

7

Static

static

c443038511...2f.exe

windows7-x64

7

c443038511...2f.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    61s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220901-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25/11/2022, 20:59

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    c4430385111615639b7b4ee707b75bf4596a20cb677fe1db6e7ab40993cf802f.exe

  • Size

    9.4MB

  • MD5

    7e61b99a5cac95182edfeea3beda8f77

  • SHA1

    87f75ca075e8a4fd24f9abec478b0379c2bef4b8

  • SHA256

    c4430385111615639b7b4ee707b75bf4596a20cb677fe1db6e7ab40993cf802f

  • SHA512

    c4af983242b28cadb72bb2a638cfc0e5c1bad46aa25ce4b5af59a0af382729a6e050ec2c13327fec42accada8e06775555510adebdccc2383d1c777dfa682a2a

  • SSDEEP

    196608:BxBo6G3+++xUNZv5PWOPNahOgQdOgg8vx1+ACT8WkEP9MFsNOdwv:BnoyGNZRPWOlacgEpgIxkAaMECFsUuv

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 2 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

Processes

  • C:\Users\Admin\AppData\Local\Temp\c4430385111615639b7b4ee707b75bf4596a20cb677fe1db6e7ab40993cf802f.exe
    "C:\Users\Admin\AppData\Local\Temp\c4430385111615639b7b4ee707b75bf4596a20cb677fe1db6e7ab40993cf802f.exe"
    1⤵
    • Loads dropped DLL
    PID:2416

Network

        MITRE ATT&CK Enterprise v6

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\nsuD4AB.tmp\System.dll
          Filesize

          11KB

          MD5

          06faa022b430d6a5d60c6448f23191a0

          SHA1

          7a5117c09d4ca7d9e26bea4c94090a91395149b5

          SHA256

          6da3dd28ec4fcedfa95b61a30aec4fa4d23d38419387c98539758584e2f0d246

          SHA512

          ba2ed37b0286de0d8f5fcab9732b0ed7faaf7519876d65ae488cc7cb1b68ae2e23b1fea2667b7570a66c69d8d74abb63b8a751a5764e8f6d8e93a2a9f6b8d074

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\nsuD4AB.tmp\dui.dll
          Filesize

          96KB

          MD5

          9d22c0ccb3a33cd80dae2b59130bf159

          SHA1

          f063c104912736126927dc779392ed316d1c2d42

          SHA256

          bfb0f51194491fd8f6a9c3f835620069e152a9beb192e955d8377ff5c8e33160

          SHA512

          5725054ae1c6aec2e5e1f9944700e6a824c8d9a1fc9b362dffe34605d6fef158bcb9d34a613e04da3a908bb89b580567518719a5c5f269cb432933a8093ba523

          Download Submit