Analysis
-
max time kernel
177s -
max time network
193s -
platform
windows10-2004_x64 -
resource
win10v2004-20221111-en -
resource tags
-
submitted
04-12-2022 14:27
General
-
Target
f01145da503df4578bd214e7df68694677fca9a23a166dca7f1bc60944111eff.exe
-
Size
80KB
-
MD5
9d54049b6f6d35ab25398118bd8d4739
-
SHA1
c09092fdcb131cecd3f72380c97a55977f8fc6f7
-
SHA256
f01145da503df4578bd214e7df68694677fca9a23a166dca7f1bc60944111eff
-
SHA512
1c2e085e11cb79f1192729e58a3ef09a30ea8f81d5853eb56580b0ba63629316f124c9f1b1aa627a082ab388a74087f7fd1b1da9e05dea73e639ecf3e4b51684
-
SSDEEP
1536:PvFqiyeRfmEFqhVC1Gjn0/fS+kgR3K4NUsTEFET0o8/Q8ok89:PvkHeR+EFKo1GjnuSwK4BwSX8/Q8s
Score
5/10
Malware Config
Signatures
-
Drops file in System32 directory 1 IoCs
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
-
Suspicious use of SetWindowsHookEx 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\f01145da503df4578bd214e7df68694677fca9a23a166dca7f1bc60944111eff.exe"C:\Users\Admin\AppData\Local\Temp\f01145da503df4578bd214e7df68694677fca9a23a166dca7f1bc60944111eff.exe"1⤵
- Drops file in System32 directory
- Suspicious use of SetWindowsHookEx