Analysis
-
max time kernel
156s -
max time network
187s -
platform
windows10-2004_x64 -
resource
win10v2004-20221111-en -
resource tags
-
submitted
29/11/2022, 12:13
General
-
Target
637d91778add79ec4ba1ec1c3e6d36f2248efdf32d803fe8396a27633fdd137a.exe
-
Size
490KB
-
MD5
cd17a62daca71156776dc3d112bf3453
-
SHA1
8fbd9cfc4d39262849b337998fb9fd876d73f7df
-
SHA256
637d91778add79ec4ba1ec1c3e6d36f2248efdf32d803fe8396a27633fdd137a
-
SHA512
2c0d3b58054858a91e218e2bd9413971482ecdb3103bd64069f2b3c1351e307a1070cc6519f95aa2327a3d53bcb48da03db39c18306256cf47915b2cc47fa102
-
SSDEEP
6144:zq+O/zSlBb2H6Zh5BYJUYERAjVaWqoRkcfVT9XnwhJXSRZJw9qgT8xAq1p5g:zqslFfYaujVDRkcdT9AhJXSUT+AIg
Score
8/10
Malware Config
Signatures
-
UPX packed file 2 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
-
Suspicious use of SetWindowsHookEx 2 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\637d91778add79ec4ba1ec1c3e6d36f2248efdf32d803fe8396a27633fdd137a.exe"C:\Users\Admin\AppData\Local\Temp\637d91778add79ec4ba1ec1c3e6d36f2248efdf32d803fe8396a27633fdd137a.exe"1⤵
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
1.2MB
-
Filesize
1.2MB