Analysis

  • max time kernel
    147s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20220812-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    06/12/2022, 19:01 UTC

General

  • Target

    3150ea57c47370ffabeb0919abc3c3a08ede0e6528cbc4049cee138dea0d52d2.exe

  • Size

    311KB

  • MD5

    402998ce59cf12aa63bf50f965605bdd

  • SHA1

    ec7432fce3263d90afd31b572adfe84d0c1abdc4

  • SHA256

    3150ea57c47370ffabeb0919abc3c3a08ede0e6528cbc4049cee138dea0d52d2

  • SHA512

    972f48edb16808bdda725e0cc01699cf4909f66929027cfac6451c8db08c5f2e03c4340d8ba789bbd43a2b3fd03a09bf35cb5cd1a88a8f3a5253bce21365b3a4

  • SSDEEP

    6144:j+K0zxl/aEZlr7uLT7Z+NIPYWe5WFxR24kp6PKoi1ra:Kz+2qvZnYQF3OA2c

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 7 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

Processes

  • C:\Users\Admin\AppData\Local\Temp\3150ea57c47370ffabeb0919abc3c3a08ede0e6528cbc4049cee138dea0d52d2.exe
    "C:\Users\Admin\AppData\Local\Temp\3150ea57c47370ffabeb0919abc3c3a08ede0e6528cbc4049cee138dea0d52d2.exe"
    • Loads dropped DLL
    PID:3140

Network

  • DNS
    dtrack.sslsecure1.com
    3150ea57c47370ffabeb0919abc3c3a08ede0e6528cbc4049cee138dea0d52d2.exe
    Remote address:
    8.8.8.8:53
    Request
    dtrack.sslsecure1.com
    IN A
    Response
    dtrack.sslsecure1.com
    IN A
    193.166.255.171
  • 8.247.210.254:80
    322 B
    7
  • 193.166.255.171:80
    dtrack.sslsecure1.com
    3150ea57c47370ffabeb0919abc3c3a08ede0e6528cbc4049cee138dea0d52d2.exe
    260 B
    5
  • 8.8.8.8:53
    dtrack.sslsecure1.com
    dns
    3150ea57c47370ffabeb0919abc3c3a08ede0e6528cbc4049cee138dea0d52d2.exe
    67 B
    83 B
    1
    1

    DNS Request

    dtrack.sslsecure1.com

    DNS Response

    193.166.255.171

MITRE ATT&CK Enterprise v6

Downloads

  • C:\Users\Admin\AppData\Local\Temp\nsa6E99.tmp\nsisdl.dll

    Filesize

    14KB

    MD5

    1dadb63a5dfaa0679485c5dbaf96033f

    SHA1

    d1717aab683c55bd13bbd520d2a91178efa0d676

    SHA256

    72c65f7cd4a611b077b1ad0be8185780909e9cb04c53ecdac3e17fc72c99b245

    SHA512

    46535c2d96937d49ee7c222428db4a8d61eb346efa0845fcd88e06523ed7836518e5a72d623e9c5563bf6759b449b6d2fcb0340b98a6e7966027bc983db4f722

