Overview

overview

7

Static

static

338ddf2270...a6.exe

windows7-x64

7

338ddf2270...a6.exe

windows10-2004-x64

4

Analysis

  • max time kernel
    207s
  • max time network
    246s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
  • submitted
    26/11/2022, 23:13

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    338ddf227079e9b976e5bbe715b4d2dcae5035c838a557a42f590a4132e1dca6.exe

  • Size

    1.9MB

  • MD5

    2e0a88ae6a2854a1535240d62e30dbb0

  • SHA1

    7eb2642b0814b76e700622cc3def32632a09996d

  • SHA256

    338ddf227079e9b976e5bbe715b4d2dcae5035c838a557a42f590a4132e1dca6

  • SHA512

    21ae6026a9e935359543a95b56868967abb323b03f94a6fe88a04b8fe08f8a8cf83a9d4b1a8cc4ae4aa5f2731a92eb05247067e4bffe799b4199e136b266e536

  • SSDEEP

    49152:G9RsS7l1rTj/WgB48WKoDmVGIqvqVCC13oyAdPD:oRs6r+WkmVAYCc3HAdPD

Score
4/10

Malware Config

Signatures

  • Drops file in Program Files directory 2 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\338ddf227079e9b976e5bbe715b4d2dcae5035c838a557a42f590a4132e1dca6.exe
    "C:\Users\Admin\AppData\Local\Temp\338ddf227079e9b976e5bbe715b4d2dcae5035c838a557a42f590a4132e1dca6.exe"
    1⤵
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    PID:112

Network

        MITRE ATT&CK Enterprise v6

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/112-132-0x0000000000400000-0x00000000009F0200-memory.dmp

          Filesize

          5.9MB

          Download

        • memory/112-133-0x0000000000400000-0x00000000009F0200-memory.dmp

          Filesize

          5.9MB

          Download