Analysis

  • max time kernel
    311s
  • max time network
    385s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
  • submitted
    03/12/2022, 17:23

General

  • Target

    f646d1901a7f6c7d9abb558373309fa0067ca4080533b9530a72928ac362f1df.exe

  • Size

    256KB

  • MD5

    0d4cdf5cf99a75ac6d6393afc770e050

  • SHA1

    de9983f3caec9e298ca3d0c699aee80b93e19aa2

  • SHA256

    f646d1901a7f6c7d9abb558373309fa0067ca4080533b9530a72928ac362f1df

  • SHA512

    bfd8dbfff49b2f8b91a6aa61ce11d1b3476a0de7d0adc4bdfea07a6abefb5c8ab5d7e64c8437511f386279c39ce2d2c5573b94f2bcf1ae44a76bfd73d0fdee62

  • SSDEEP

    6144:ev7avoNymi+7eeyz2P9NnnnFCpImnTZygoHlKnvmb7/D26UBnmbLBXSG:eGvoNymi+7eOP9anTZygoHlKnvmb7/Dr

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\f646d1901a7f6c7d9abb558373309fa0067ca4080533b9530a72928ac362f1df.exe
    "C:\Users\Admin\AppData\Local\Temp\f646d1901a7f6c7d9abb558373309fa0067ca4080533b9530a72928ac362f1df.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:1724

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads