Analysis
-
max time kernel
189s -
max time network
194s -
platform
windows10-2004_x64 -
resource
win10v2004-20221111-en -
resource tags
arch:x64 arch:x86 image:win10v2004-20221111-en locale:en-us os:windows10-2004-x64 system -
submitted
06/12/2022, 21:45
Static task
static1
Behavioral task
behavioral1
Sample
556fffdf2073e2302f11191487a65988b7e6b93631e3ea4d39fe1cebae49d3b6.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
556fffdf2073e2302f11191487a65988b7e6b93631e3ea4d39fe1cebae49d3b6.exe
Resource
win10v2004-20221111-en
General
-
Target
556fffdf2073e2302f11191487a65988b7e6b93631e3ea4d39fe1cebae49d3b6.exe
-
Size
3.8MB
-
MD5
dadc2a0802519f583cfa735c259e8c6b
-
SHA1
36b11e27fc523c4cbc031a7a6b21acd0129aa5a7
-
SHA256
556fffdf2073e2302f11191487a65988b7e6b93631e3ea4d39fe1cebae49d3b6
-
SHA512
9380ea99e03f54fcb5623dd392faf5f92adaf6074889edcea48d2dd5ef8279b53a4be200d8ad95017e909b3eb9a49b1aee505c6bb96160399ab7b8919c8d2a0a
-
SSDEEP
98304:GkHqrneH6LPM1D7ViuHeXeR4TyWOnbcfy/BUr:7KC6o13YimeR5dbmy/BUr
Malware Config
Signatures
-
Loads dropped DLL 1 IoCs
pid Process
1052 556fffdf2073e2302f11191487a65988b7e6b93631e3ea4d39fe1cebae49d3b6.exe -
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
Processes
Network
MITRE ATT&CK Enterprise v6
Downloads
-
Filesize
14KB
MD5
0dc0cc7a6d9db685bf05a7e5f3ea4781
SHA1
5d8b6268eeec9d8d904bc9d988a4b588b392213f
SHA256
8e287326f1cdd5ef2dcd7a72537c68cbe4299ceb1f820707c5820f3aa6d8206c
SHA512
814dd17ebb434f4a3356f716c783ab7f569f9ee34ce5274fa50392526925f044798f8006198ac7afe3d1c2ca83a2ca8c472ca53fec5f12bbfbbe0707abacd6b0