Overview

overview

3

Static

static

ad44e6e176...fa.exe

windows7-x64

3

ad44e6e176...fa.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    194s
  • max time network
    209s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
  • submitted
    28/11/2022, 04:06

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    ad44e6e1763b0f2ba9bafe5bfcccc143a547bee58bb84b298fe8e123cd8fd9fa.exe

  • Size

    701KB

  • MD5

    43ce8d9a4412db50af3cd67769596429

  • SHA1

    4e8f66765dc4b70bfcf4e405c9e28227310f1e1c

  • SHA256

    ad44e6e1763b0f2ba9bafe5bfcccc143a547bee58bb84b298fe8e123cd8fd9fa

  • SHA512

    bb0927b21e3d0a5eeffea195af69870a3207fe20b5503a2ecb49de68e99267210d7905161579c7d8e23c83c8d8f2e2c11a6c40ba35de0da732e70cfa7af4adb9

  • SSDEEP

    12288:i3IOigqJXOy7VmL7dZ4lH+Sb7mcH+Gz7fKuNz7hAPzbTDyOgYPLbdScQxIrIX4vJ:LOilJey7VmL8l9exuNJqb3yOgwLbdScP

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

  • Modifies Internet Explorer settings 1 TTPs 4 IoCs
    adwarespyware
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ad44e6e1763b0f2ba9bafe5bfcccc143a547bee58bb84b298fe8e123cd8fd9fa.exe
    "C:\Users\Admin\AppData\Local\Temp\ad44e6e1763b0f2ba9bafe5bfcccc143a547bee58bb84b298fe8e123cd8fd9fa.exe"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of SetWindowsHookEx
    PID:1544

Network

        MITRE ATT&CK Enterprise v6

        Replay Monitor

        Loading Replay Monitor...

        Downloads