Analysis
max time kernel
244s
max time network
276s
platform
windows10-2004_x64
resource
win10v2004-20221111-en
resource tags
arch:x64 arch:x86 image:win10v2004-20221111-en locale:en-us os:windows10-2004-x64 system
submitted
02/12/2022, 23:28
Static task
static1
Behavioral task
behavioral1
Sample
b2d43eb955de682ebc678177ea390a4f905e2dbfe1cff93fee137413f6a6bbc0.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
b2d43eb955de682ebc678177ea390a4f905e2dbfe1cff93fee137413f6a6bbc0.exe
Resource
win10v2004-20221111-en
General
Target
b2d43eb955de682ebc678177ea390a4f905e2dbfe1cff93fee137413f6a6bbc0.exe
Size
148KB
MD5
e9dd7112c2ff1cf64002fc6fe139cb79
SHA1
c13acde170be20e99682f6bc3f128f6f0c004bd9
SHA256
b2d43eb955de682ebc678177ea390a4f905e2dbfe1cff93fee137413f6a6bbc0
SHA512
bd500433a99e482eeffb75fbebfe724a90c282ae431b74a313e6fc895c037334e61bbb6790dc58cf1993532bb1252d98e7a3d4c194b9aa56aa70227292e5c535
SSDEEP
3072:Qdo+sgRs59j/pvkqBBac+RAGq1bg7Yfgst6OzOS79pgRZkhQJAOAU4oQZiESV5n:eoZbj/pvkqBBac+RAGq1bZHtrzOS77kT
Malware Config
Signatures
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
Suspicious use of SetWindowsHookEx 1 IoCs
pid: 3848
Process: b2d43eb955de682ebc678177ea390a4f905e2dbfe1cff93fee137413f6a6bbc0.exe