Analysis

  • max time kernel
    46s
  • max time network
    53s
  • platform
    windows7_x64
  • resource
    win7-20220901-en
  • resource tags

    arch:x64, arch:x86, image:win7-20220901-en, locale:en-us, os:windows7-x64, system
  • submitted
    29/11/2022, 09:19 UTC

General

  • Target

    8edd0736057ae04f4d5b068915cddc1dccbc4f69bb53b9f45c3bc69ffdec5768.exe

  • Size

    731KB

  • MD5

    c6dea0510b988894977c1ec6bc0250c3

  • SHA1

    22f3bff9c62eec72496a61e7b56b500479d8e477

  • SHA256

    8edd0736057ae04f4d5b068915cddc1dccbc4f69bb53b9f45c3bc69ffdec5768

  • SHA512

    5e598d4f2f7673c1d5831fefda20eecb9e2fe20b13f32d1f9ff5e60c5b04d3fa590cbb609d95035ff77bcffd3d042406b78838bcf0811f5faaf38a65e76453f4

  • SSDEEP

    12288:4uud4YcGL//JWM01Vfby4QQvRO4mqPeQ9HXD4AQf1Ym1eGu8+VK4jogDOgN:4ue4YT/hmflRBmqPeQ93D4AQhenlIIoa

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

  • Suspicious use of FindShellTrayWindow 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\8edd0736057ae04f4d5b068915cddc1dccbc4f69bb53b9f45c3bc69ffdec5768.exe
    "C:\Users\Admin\AppData\Local\Temp\8edd0736057ae04f4d5b068915cddc1dccbc4f69bb53b9f45c3bc69ffdec5768.exe"
    1⤵
    • Suspicious use of FindShellTrayWindow
    PID:1140

Network

MITRE ATT&CK Enterprise v6

Downloads

  • memory/1140-54-0x0000000075091000-0x0000000075093000-memory.dmp

    Filesize

    8KB

  • memory/1140-55-0x0000000074651000-0x0000000074653000-memory.dmp

    Filesize

    8KB
