Analysis
max time kernel: 42s
max time network: 49s
platform: windows7_x64
resource: win7-20220901-en
resource tags: arch:x64, arch:x86, image:win7-20220901-en, locale:en-us, os:windows7-x64, system
submitted: 29/11/2022, 10:31
Static task: static1
Behavioral task: behavioral1
Sample: 4acfa5163e9f77314e76a3c34fcbee67b875a91e8b6cd99e33a59008d12add21.exe
Resource: win7-20220901-en
Behavioral task: behavioral2
Sample: 4acfa5163e9f77314e76a3c34fcbee67b875a91e8b6cd99e33a59008d12add21.exe
Resource: win10v2004-20220901-en
General
Target: 4acfa5163e9f77314e76a3c34fcbee67b875a91e8b6cd99e33a59008d12add21.exe
Size: 16.5MB
MD5: 1869caef156a7d59cd4df6ece7977786
SHA1: f73420d0f3176ad86a616305e2d3be5713d028ad
SHA256: 4acfa5163e9f77314e76a3c34fcbee67b875a91e8b6cd99e33a59008d12add21
SHA512: ca7445b7a144cb7d521b96cdfe082e7fb39f0db977f2ef389f7ccd2ff1a4e46daff3af5b68ed0fbd5dbea9c2fca76d8955f56f631b9301ede72f8fd42f5263bf
SSDEEP: 393216:P2RGtQ0fZDd/epkkd4VraBd+g0FjQlsN1Kd3k9Q:P2IRBdGRXBUgkisad3ku
Malware Config
Signatures
Loads dropped DLL (1 IoCs)
pid: 1184, process: 4acfa5163e9f77314e76a3c34fcbee67b875a91e8b6cd99e33a59008d12add21.exe
Enumerates physical storage devices (1 TTPs)
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
Processes
Network
MITRE ATT&CK Enterprise v6
Downloads
Filesize: 18.6MB
MD5: 84f82dc4d62aeb5a3b423a0b80c08430
SHA1: 79cc598cb5bdf3fe6f026867062afa06c1ebe931
SHA256: 1fcad6d28b61fc98ff65b4235b8ddd7f128121de9807fd4db5c70c039674fa82
SHA512: b6901c3f20eb811746df76513d7f6ece3adfd6edbce5a13d51ca71ce5ee424af3870b7dc415ad6b1c29dfc04100b844243ef906870413e27234551440135ac0a