Overview

overview

3

Static

static

e82b45ad36...69.exe

windows7-x64

3

e82b45ad36...69.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    109s
  • max time network
    46s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    03/12/2022, 12:26

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    e82b45ad36bdfc6cd8c3dff65565876d59238dfb1a408e45bcdc0c91ed2b8f69.exe

  • Size

    4.0MB

  • MD5

    92508cc91af61c7eaa247c599f966497

  • SHA1

    e74f585eeab8a4722cd652f108e3e3989a799de5

  • SHA256

    e82b45ad36bdfc6cd8c3dff65565876d59238dfb1a408e45bcdc0c91ed2b8f69

  • SHA512

    ca6b833fc91e38dac75229942148bab96948b20c99e0b4d219b93d130536c7f78bc9a8f589e9d8e96d7048418d5da9a4e6377d31f50b8739ac0dae33972008ae

  • SSDEEP

    98304:tgIgvxqYqzVr8Meh1IjYWVX/U5vWX/jlMoOAW44Bbncu:e55qQM/YWN8ALlMW4Bbncu

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\e82b45ad36bdfc6cd8c3dff65565876d59238dfb1a408e45bcdc0c91ed2b8f69.exe
    "C:\Users\Admin\AppData\Local\Temp\e82b45ad36bdfc6cd8c3dff65565876d59238dfb1a408e45bcdc0c91ed2b8f69.exe"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1884

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1884-54-0x0000000000400000-0x0000000000729000-memory.dmp

    Filesize

    3.2MB

    Download

  • memory/1884-55-0x0000000075201000-0x0000000075203000-memory.dmp

    Filesize

    8KB

    Download

  • memory/1884-56-0x0000000000400000-0x0000000000729000-memory.dmp

    Filesize

    3.2MB

    Download

  • memory/1884-57-0x0000000000400000-0x0000000000729000-memory.dmp

    Filesize

    3.2MB

    Download