Analysis
-
max time kernel
145s -
max time network
148s -
platform
windows10-2004_x64 -
resource
win10v2004-20221111-en -
resource tags
arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system -
submitted
27-11-2022 07:18
Static task
static1
Behavioral task
behavioral1
Sample
Overdue_account letter.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
Overdue_account letter.exe
Resource
win10v2004-20221111-en
General
-
Target
Overdue_account letter.exe
-
Size
958KB
-
MD5
40c43a758689271d72709958de73a4cc
-
SHA1
9fb2af9270987df6a8e974eb745f9a01022c3453
-
SHA256
1ea31d04175fb842e43adb57eadd01486fbad17841f83d5eff065b67baeb4d69
-
SHA512
a47e491d4eda64ddedf8d533aea1097fe43b85927074598ee74fb59faa48968e44d7c2f58057375850710389da2a0bcac9eab6a248172a5dcdcc99b7c87d5bf4
-
SSDEEP
24576:NoU376CMskFgqIyXXkH5MF1FI86jiT17MTsM3ya2veHe:NpPkVXX65cr6jiT1ha2veHe
Malware Config
Signatures
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
Processes
Network
MITRE ATT&CK Matrix ATT&CK v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/2512-132-0x00000000005D0000-0x00000000006C6000-memory.dmpFilesize
984KB
-
memory/2512-133-0x0000000005630000-0x0000000005BD4000-memory.dmpFilesize
5.6MB
-
memory/2512-134-0x0000000004F30000-0x0000000004FC2000-memory.dmpFilesize
584KB
-
memory/2512-135-0x0000000005080000-0x000000000511C000-memory.dmpFilesize
624KB
-
memory/2512-136-0x0000000005450000-0x000000000545A000-memory.dmpFilesize
40KB