Analysis

  • max time kernel
    141s
  • max time network
    180s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20220812-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    27-11-2022 13:35

General

  • Target

    a5077d1c7fc17176c78b2f106f2eaae6a31c448acc8228942aa50e53ccf06253.exe

  • Size

    379KB

  • MD5

    447291ea8aa13d20589581819220e712

  • SHA1

    d2748e8f512be0afbf04f5c0a277755538bc91a3

  • SHA256

    a5077d1c7fc17176c78b2f106f2eaae6a31c448acc8228942aa50e53ccf06253

  • SHA512

    94cf50ca02244fd0b917c667cadef4c7ce1149e8b2f13fd293f18e1c3b7272a4ea210ef13fa40fc2cd56d20842423033f5ac5e3102b67d4e8df09a7534899a08

  • SSDEEP

    6144:m04iD+K0Td1z9ega3xHB3aByOol2X7mPYRrgJ/n0fWIEZURMUE/3japRLMcrqk:m0r+33z9eZBB1EKwRCXmLXrqk

Score
7/10

Malware Config

Signatures

  • Drops startup file 1 IoCs
  • Drops file in Windows directory 1 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

Processes

  • C:\Users\Admin\AppData\Local\Temp\a5077d1c7fc17176c78b2f106f2eaae6a31c448acc8228942aa50e53ccf06253.exe
    "C:\Users\Admin\AppData\Local\Temp\a5077d1c7fc17176c78b2f106f2eaae6a31c448acc8228942aa50e53ccf06253.exe"
    1⤵
    • Drops startup file
    • Drops file in Windows directory
    PID:4952

Network

MITRE ATT&CK Enterprise v6


Downloads

  • memory/4952-132-0x00000000037F0000-0x000000000381F000-memory.dmp

    Filesize

    188KB