Analysis

  • max time kernel
    151s
  • max time network
    180s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20220812-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    06/12/2022, 13:11

General

  • Target

    938f51016dea739eb505c5b35fa109280eb5ba289bc379659a5b44e0d00d7329.exe

  • Size

    24KB

  • MD5

    982e4f1b0d0124fc0d1322b60271d6fd

  • SHA1

    d3a8d98efc9576dcb142458912c8a5a18344fde5

  • SHA256

    938f51016dea739eb505c5b35fa109280eb5ba289bc379659a5b44e0d00d7329

  • SHA512

    a6cf3a5b30086817361fbc8a630f951819c3aa7093d25ca754e173968d4ff4d21ffe3cdcee68ed231f699ed0612763b50496b1bbb736b5cb11a4733f77596a4d

  • SSDEEP

    384:AqD5QsAjRv+PlmXalnrATgDSkxNl5XG7PMt4Y9xHgV5IAmPW389Q1V/x+XzI:15Ziv+NrrA0DSUBG7PEKOAmWq

Score
8/10
upx

Malware Config

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

Processes

  • C:\Users\Admin\AppData\Local\Temp\938f51016dea739eb505c5b35fa109280eb5ba289bc379659a5b44e0d00d7329.exe
    "C:\Users\Admin\AppData\Local\Temp\938f51016dea739eb505c5b35fa109280eb5ba289bc379659a5b44e0d00d7329.exe"
      PID:1972

Network

MITRE ATT&CK Enterprise v6

Downloads

  • memory/1972-132-0x0000000000400000-0x0000000000415000-memory.dmp

    Filesize

    84KB

  • memory/1972-133-0x0000000000400000-0x0000000000415000-memory.dmp

    Filesize

    84KB