Overview

overview

7

Static

static

bee9423df2...d2.exe

windows7-x64

7

bee9423df2...d2.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    77s
  • max time network
    115s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
  • submitted
    27/11/2022, 16:20

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    bee9423df2d00a18286d9a7c13765f03d3803a11b19fec9b6717ae2cea33b2d2.exe

  • Size

    379KB

  • MD5

    001db2573979854c014e8dc4875c955e

  • SHA1

    36af0e802a869ece1ff7c0829b3cd358225bd1fb

  • SHA256

    bee9423df2d00a18286d9a7c13765f03d3803a11b19fec9b6717ae2cea33b2d2

  • SHA512

    58a0d1c9fa1f9ef89d31f7b4ae2649375bf7b32e8faa470bb6b1c3036744605b2243b9e2186e7a08eccc29916c46c749e819f919a335ec8a106b3cedc57091c5

  • SSDEEP

    6144:qocyoc+vWl6w7wIuLjas7kcUD0aifa5O7U/JsQYbG+8nuTIQa4IY6gS:ffl64wbRQP0aiy52U/JxE6gS

Score
7/10

Malware Config

Signatures

  • Drops startup file 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Drops file in Windows directory 1 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

Processes

  • C:\Users\Admin\AppData\Local\Temp\bee9423df2d00a18286d9a7c13765f03d3803a11b19fec9b6717ae2cea33b2d2.exe
    "C:\Users\Admin\AppData\Local\Temp\bee9423df2d00a18286d9a7c13765f03d3803a11b19fec9b6717ae2cea33b2d2.exe"
    1⤵
    • Drops startup file
    • Loads dropped DLL
    • Drops file in Windows directory
    PID:1760

Network

        MITRE ATT&CK Enterprise v6

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • \ProgramData\{c0594a06-01f9-ae48-c059-94a0601f2818}\bee9423df2d00a18286d9a7c13765f03d3803a11b19fec9b6717ae2cea33b2d2.exe
          Filesize

          379KB

          MD5

          001db2573979854c014e8dc4875c955e

          SHA1

          36af0e802a869ece1ff7c0829b3cd358225bd1fb

          SHA256

          bee9423df2d00a18286d9a7c13765f03d3803a11b19fec9b6717ae2cea33b2d2

          SHA512

          58a0d1c9fa1f9ef89d31f7b4ae2649375bf7b32e8faa470bb6b1c3036744605b2243b9e2186e7a08eccc29916c46c749e819f919a335ec8a106b3cedc57091c5

          Download Submit

        • memory/1760-54-0x0000000075531000-0x0000000075533000-memory.dmp

          Filesize

          8KB

          Download

        • memory/1760-55-0x0000000000350000-0x000000000037F000-memory.dmp

          Filesize

          188KB

          Download