Analysis
max time kernel
156s
max time network
168s
platform
windows10-2004_x64
resource
win10v2004-20221111-en
resource tags
arch:x64, arch:x86, image:win10v2004-20221111-en, locale:en-us, os:windows10-2004-x64, system
submitted
27/11/2022, 19:40
Static task
static1
Behavioral task
behavioral1
Sample
54ec0cb925a97a58e7c1fdd41d5fad59dce4d151db6840eb232a256bb69d3561.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
54ec0cb925a97a58e7c1fdd41d5fad59dce4d151db6840eb232a256bb69d3561.exe
Resource
win10v2004-20221111-en
General
Target
54ec0cb925a97a58e7c1fdd41d5fad59dce4d151db6840eb232a256bb69d3561.exe
Size
369KB
MD5
e51fbaf93be8da9efa3faa0e2b3f73e3
SHA1
994718788964f011e0a3635fa8a5963ade68026a
SHA256
54ec0cb925a97a58e7c1fdd41d5fad59dce4d151db6840eb232a256bb69d3561
SHA512
f4a620e64b4003abd424a02a62a67f3ea270953ac568e2ff13706471b8164e299082709f608c6f5bec50469da861a48aea6a3fe50dc89b2b5a9e150910ce83ec
SSDEEP
6144:Z3jbfJEqbmsj7FDXxBd3GU/Fz0JgK5RboXjpp3CO/z8gg5YwgC4xnWgYKg2lAh5J:B2qbme7FbQaggK5dol7A7rl
Malware Config
Signatures
Drops startup file 1 IoCs
description
File created
ioc
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\54ec0cb925a97a58e7c1fdd41d5fad59dce4d151db6840eb232a256bb69d3561.lnk
Process
54ec0cb925a97a58e7c1fdd41d5fad59dce4d151db6840eb232a256bb69d3561.exe
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.