Overview

overview

6

Static

static

e2b51130e0...28.exe

windows7-x64

6

e2b51130e0...28.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    75s
  • max time network
    35s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
  • submitted
    04/12/2022, 04:24

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    e2b51130e08491fd11acd1482b1d829922e6c8e574b0d73742021f28bcb6ed28.exe

  • Size

    68KB

  • MD5

    bcc64e143b706cd6e347dd9b369de45c

  • SHA1

    d694270285ac0dd78e3bd5ad81423b3fefd64df1

  • SHA256

    e2b51130e08491fd11acd1482b1d829922e6c8e574b0d73742021f28bcb6ed28

  • SHA512

    0a57b1ab671fdcad56f753891e565e263d28c223e87a1def87d2a2af55f538165cda114e550b2f40f0178774461730a3f6f969653030698ed0bd61c70d1540c1

  • SSDEEP

    768:O1UMtEqxt449AJGrU/94tlwlu85hcBR8SYSOAvwtb+3fdMgIgqXkYBIEbeCTjXhs:O1UMnxt4DGrXfouOI81so3XGb9Ypg

Score
6/10

Malware Config

Signatures

  • Enumerates connected drives 3 TTPs 24 IoCs

    Attempts to read the root path of hard drives other than the default C: drive.

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\e2b51130e08491fd11acd1482b1d829922e6c8e574b0d73742021f28bcb6ed28.exe
    "C:\Users\Admin\AppData\Local\Temp\e2b51130e08491fd11acd1482b1d829922e6c8e574b0d73742021f28bcb6ed28.exe"
    1⤵
    • Enumerates connected drives
    • Suspicious use of SetWindowsHookEx
    PID:956

Network

        MITRE ATT&CK Enterprise v6

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/956-56-0x00000000046D0000-0x00000000049E2000-memory.dmp

          Filesize

          3.1MB

          Download

        • memory/956-58-0x00000000046D0000-0x00000000049E2000-memory.dmp

          Filesize

          3.1MB

          Download

        • memory/956-59-0x0000000075B61000-0x0000000075B63000-memory.dmp

          Filesize

          8KB

          Download

        • memory/956-60-0x0000000004610000-0x000000000461A000-memory.dmp

          Filesize

          40KB

          Download

        • memory/956-61-0x0000000004610000-0x000000000461A000-memory.dmp

          Filesize

          40KB

          Download

        • memory/956-63-0x0000000004610000-0x000000000461A000-memory.dmp

          Filesize

          40KB

          Download

        • memory/956-62-0x0000000004610000-0x000000000461A000-memory.dmp

          Filesize

          40KB

          Download

        • memory/956-64-0x0000000004610000-0x000000000461A000-memory.dmp

          Filesize

          40KB

          Download

        • memory/956-65-0x00000000044D0000-0x00000000044DA000-memory.dmp

          Filesize

          40KB

          Download

        • memory/956-66-0x00000000044D0000-0x00000000044DA000-memory.dmp

          Filesize

          40KB

          Download

        • memory/956-67-0x00000000044D0000-0x00000000044DA000-memory.dmp

          Filesize

          40KB

          Download

        • memory/956-68-0x00000000044D0000-0x00000000044DA000-memory.dmp

          Filesize

          40KB

          Download

        • memory/956-69-0x0000000004610000-0x000000000461A000-memory.dmp

          Filesize

          40KB

          Download

        • memory/956-70-0x0000000004610000-0x000000000461A000-memory.dmp

          Filesize

          40KB

          Download

        • memory/956-71-0x0000000004610000-0x000000000461A000-memory.dmp

          Filesize

          40KB

          Download

        • memory/956-72-0x0000000004610000-0x000000000461A000-memory.dmp

          Filesize

          40KB

          Download

        • memory/956-73-0x0000000004610000-0x000000000461A000-memory.dmp

          Filesize

          40KB

          Download

        • memory/956-74-0x0000000004610000-0x000000000461A000-memory.dmp

          Filesize

          40KB

          Download

        • memory/956-75-0x00000000044D0000-0x00000000044DA000-memory.dmp

          Filesize

          40KB

          Download

        • memory/956-76-0x00000000044D0000-0x00000000044DA000-memory.dmp

          Filesize

          40KB

          Download

        • memory/956-77-0x00000000044D0000-0x00000000044DA000-memory.dmp

          Filesize

          40KB

          Download