bccc1dd268ce3e9d90b9f86de8878764f4987051a954c0ff7b3ddc5ba9a4940d | Triage

Submit
Reports

Overview

overview

8

Static

static

8

Cain/@绿�...��.url

windows7-x64

1

Cain/@绿�...��.url

windows10-2004-x64

1

Cain/Cain4.9/Abel.exe

windows7-x64

1

Cain/Cain4.9/Abel.exe

windows10-2004-x64

1

Cain/Cain4...en.exe

windows7-x64

8

Cain/Cain4...en.exe

windows10-2004-x64

8

Cain/Cain4...st.exe

windows7-x64

1

Cain/Cain4...st.exe

windows10-2004-x64

1

Cain/WinPc...��.exe

windows7-x64

3

Cain/WinPc...��.exe

windows10-2004-x64

3

Cain/WinPc...��.exe

windows7-x64

3

Cain/WinPc...��.exe

windows10-2004-x64

3

Analysis

max time kernel
176s
max time network
188s
platform
windows10-2004_x64
resource
win10v2004-20221111-en
resource tags

arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
submitted
26-11-2022 18:41

Sharing

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

Cain/@绿化软件-6年专注绿色去广告.url

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

Cain/@绿化软件-6年专注绿色去广告.url

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral3

Sample

Cain/Cain4.9/Abel.exe

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

Cain/Cain4.9/Abel.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

Cain/Cain4.9/Winrtgen/Winrtgen.exe

Resource

win7-20220812-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral6

Sample

Cain/Cain4.9/Winrtgen/Winrtgen.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral7

Sample

Cain/Cain4.9/svchost.exe

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

Cain/Cain4.9/svchost.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

Cain/WinPcap（32位）.exe

Resource

win7-20220812-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral10

Sample

Cain/WinPcap（32位）.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral11

Sample

Cain/WinPcap（64位）.exe

Resource

win7-20220901-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral12

Sample

Cain/WinPcap（64位）.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

Report Analysis Logs

General

Target

Cain/WinPcap（32位）.exe
Size

549KB
MD5

9e4d67da9b90b7c891dd1f6604d1001a
SHA1

0585618726a706d2c543348be4645069cec31d6a
SHA256

d36c2e18cda80736110b69edc7fda8588f7bae5692e17c2c51a59edde1e71d6c
SHA512

7e1492716f5a55e094adbc2e25b4e160d464fd701f6b1ad614ceaf8b626ebe568ef76c9d8b725cfa85a8904dc1c93b536187090693f8d5defc3481dc2ded7f7b
SSDEEP

12288:iwCkgCw+qCApt4TCeBJXPDRJBCMGb/wwU2PrQOlzqHC/:iwCkr+CAf4TCo7RJ8M24wDrQOlzqHC/

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

Processes

C:\Users\Admin\AppData\Local\Temp\Cain\WinPcap（32位）.exe
"C:\Users\Admin\AppData\Local\Temp\Cain\WinPcap（32位）.exe"
1⤵
PID:2120

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2024

Terms | Privacy