Overview

overview

3

Static

static

da1d4980eb...18.exe

windows7-x64

3

da1d4980eb...18.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    16s
  • max time network
    34s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
  • submitted
    06-12-2022 14:22

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    da1d4980eb4a4443a7e80d026752e2fd1f17417f1ab1e56001f757339b7ee018.exe

  • Size

    37KB

  • MD5

    a0401a66c1d6fd77f4547a77decb8b1c

  • SHA1

    46fb7d41f86844902d2c1e8f62b03759160afea4

  • SHA256

    da1d4980eb4a4443a7e80d026752e2fd1f17417f1ab1e56001f757339b7ee018

  • SHA512

    b526f491d3542c0abca2ab98d3978cb68bc156d8f46416e7d07cd3f2913543b9e2fe88d23020a267d9e5d6c67b2a0ea81c00497ed7feba253b92b6bdea224674

  • SSDEEP

    384:/TkI+IUhPj1oFG5iI/hGVOA5ib1WsDUSIknhu1jKnv7D3y:/otIUljfHJQt2Ubmu1jKvC

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\da1d4980eb4a4443a7e80d026752e2fd1f17417f1ab1e56001f757339b7ee018.exe
    "C:\Users\Admin\AppData\Local\Temp\da1d4980eb4a4443a7e80d026752e2fd1f17417f1ab1e56001f757339b7ee018.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:1668

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1668-56-0x0000000075C81000-0x0000000075C83000-memory.dmp

    Filesize

    8KB

    Download