Overview

overview

10

Static

static

84d7230316...17.exe

windows7-x64

7

84d7230316...17.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    113s
  • max time network
    31s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
  • submitted
    09-12-2022 14:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    84d7230316c0bfff0a616eead303aa45af3eb5ce3ad55ad3eb99f00b0458ac17.exe

  • Size

    669KB

  • MD5

    8698d231ca2e4dc4ddd8280a3b5b13da

  • SHA1

    0936250d735054f4af8edcccea47978ad43d5a8a

  • SHA256

    84d7230316c0bfff0a616eead303aa45af3eb5ce3ad55ad3eb99f00b0458ac17

  • SHA512

    cc1b876f492565561f5e671fd0eda183573ccd57a0678832f5b74765678b239d32628df178f6e2cb360d1d7e45b1479864db49bf2468337f9a2222c57f7515dc

  • SSDEEP

    12288:Tb0XDnlN4JMhvLy4cEsHEbeIZkrjc06uiM7SJYG2IpSJmYAheyMfT:Tb0XaCcEomeIeXF+v2IphYaHMfT

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Drops file in Windows directory 1 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

Processes

  • C:\Users\Admin\AppData\Local\Temp\84d7230316c0bfff0a616eead303aa45af3eb5ce3ad55ad3eb99f00b0458ac17.exe
    "C:\Users\Admin\AppData\Local\Temp\84d7230316c0bfff0a616eead303aa45af3eb5ce3ad55ad3eb99f00b0458ac17.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in Windows directory
    PID:1996

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\nsu8B9F.tmp\System.dll
    Filesize

    12KB

    MD5

    cff85c549d536f651d4fb8387f1976f2

    SHA1

    d41ce3a5ff609df9cf5c7e207d3b59bf8a48530e

    SHA256

    8dc562cda7217a3a52db898243de3e2ed68b80e62ddcb8619545ed0b4e7f65a8

    SHA512

    531d6328daf3b86d85556016d299798fa06fefc81604185108a342d000e203094c8c12226a12bd6e1f89b0db501fb66f827b610d460b933bd4ab936ac2fd8a88

    Download Submit

  • memory/1996-54-0x0000000075511000-0x0000000075513000-memory.dmp

    Filesize

    8KB

    Download

  • memory/1996-56-0x0000000002390000-0x0000000002FDA000-memory.dmp

    Filesize

    12.3MB

    Download

  • memory/1996-57-0x0000000002390000-0x0000000002FDA000-memory.dmp

    Filesize

    12.3MB

    Download