Overview

overview

5

Static

static

tmp.exe

windows7-x64

5

tmp.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    39s
  • max time network
    42s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
  • submitted
    30/12/2022, 14:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    tmp.exe

  • Size

    5.5MB

  • MD5

    769c88af8f79b502a3f372313da5c304

  • SHA1

    1ca8f93fae77bebfa4d44d09d7150c62b2937d88

  • SHA256

    ba2b024ed0ca0fc1ff7c4637e16eb5438ef7f7ca983142accdb501c12f048a63

  • SHA512

    5ee6d5bddde129b816f1924d66ebaf0651321b198103b779679dfc12f897798764905a9baa0b185b5c1133655935c559a4822acfe126e1a8306f17db48a7d071

  • SSDEEP

    98304:uPEw5ltGUK8dHjjg2XhQGp74t55m4Si88Gv6DvbSwS4uo:u8eGk4AQQUFm5i8BSDG4L

Score
5/10

Malware Config

Signatures

  • Suspicious use of NtSetInformationThreadHideFromDebugger 4 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\tmp.exe
    "C:\Users\Admin\AppData\Local\Temp\tmp.exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:1184

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1184-54-0x0000000076AE1000-0x0000000076AE3000-memory.dmp

    Filesize

    8KB

    Download

  • memory/1184-56-0x00000000763E0000-0x0000000076427000-memory.dmp

    Filesize

    284KB

    Download

  • memory/1184-463-0x0000000002B00000-0x0000000002C11000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1184-465-0x0000000002B00000-0x0000000002C11000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1184-464-0x0000000002B00000-0x0000000002C11000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1184-467-0x0000000002B00000-0x0000000002C11000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1184-466-0x0000000002B00000-0x0000000002C11000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1184-469-0x0000000000400000-0x0000000000C40000-memory.dmp

    Filesize

    8.2MB

    Download

  • memory/1184-468-0x0000000002B00000-0x0000000002C11000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1184-471-0x0000000002B00000-0x0000000002C11000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1184-470-0x0000000002B00000-0x0000000002C11000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1184-473-0x0000000002B00000-0x0000000002C11000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1184-472-0x0000000002B00000-0x0000000002C11000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1184-475-0x0000000002B00000-0x0000000002C11000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1184-474-0x0000000002B00000-0x0000000002C11000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1184-476-0x0000000002B00000-0x0000000002C11000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1184-477-0x0000000002B00000-0x0000000002C11000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1184-478-0x0000000002B00000-0x0000000002C11000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1184-479-0x0000000002B00000-0x0000000002C11000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1184-481-0x0000000002B00000-0x0000000002C11000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1184-480-0x0000000002B00000-0x0000000002C11000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1184-483-0x0000000002B00000-0x0000000002C11000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1184-482-0x0000000002B00000-0x0000000002C11000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1184-484-0x0000000002B00000-0x0000000002C11000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1184-485-0x0000000002B00000-0x0000000002C11000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1184-487-0x0000000002B00000-0x0000000002C11000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1184-486-0x0000000002B00000-0x0000000002C11000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1184-489-0x0000000002B00000-0x0000000002C11000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1184-488-0x0000000002B00000-0x0000000002C11000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1184-490-0x0000000002B00000-0x0000000002C11000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1184-491-0x0000000002B00000-0x0000000002C11000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1184-492-0x0000000002B00000-0x0000000002C11000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1184-494-0x0000000002B00000-0x0000000002C11000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1184-493-0x0000000002B00000-0x0000000002C11000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1184-495-0x0000000002B00000-0x0000000002C11000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1184-497-0x0000000002B00000-0x0000000002C11000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1184-496-0x0000000002B00000-0x0000000002C11000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1184-498-0x0000000002B00000-0x0000000002C11000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1184-499-0x0000000002B00000-0x0000000002C11000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1184-500-0x0000000002B00000-0x0000000002C11000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1184-501-0x0000000002B00000-0x0000000002C11000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1184-502-0x0000000002B00000-0x0000000002C11000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1184-503-0x0000000002B00000-0x0000000002C11000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1184-504-0x0000000002B00000-0x0000000002C11000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1184-505-0x0000000002B00000-0x0000000002C11000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1184-506-0x0000000002B00000-0x0000000002C11000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1184-507-0x0000000002B00000-0x0000000002C11000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1184-509-0x0000000002B00000-0x0000000002C11000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1184-508-0x0000000002B00000-0x0000000002C11000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1184-510-0x0000000002B00000-0x0000000002C11000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1184-511-0x0000000002B00000-0x0000000002C11000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1184-512-0x0000000002B00000-0x0000000002C11000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1184-513-0x0000000002B00000-0x0000000002C11000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1184-514-0x0000000002B00000-0x0000000002C11000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1184-515-0x0000000002B00000-0x0000000002C11000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1184-516-0x0000000002B00000-0x0000000002C11000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1184-517-0x0000000002B00000-0x0000000002C11000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1184-518-0x0000000002B00000-0x0000000002C11000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1184-519-0x0000000002B00000-0x0000000002C11000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1184-521-0x0000000002B00000-0x0000000002C11000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1184-520-0x0000000002B00000-0x0000000002C11000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1184-522-0x0000000002B00000-0x0000000002C11000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1184-523-0x0000000002B00000-0x0000000002C11000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1184-524-0x0000000002B00000-0x0000000002C11000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1184-525-0x0000000002B00000-0x0000000002C11000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1184-1460-0x0000000002660000-0x0000000002760000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1184-1461-0x00000000027C0000-0x0000000002941000-memory.dmp

    Filesize

    1.5MB

    Download

  • memory/1184-4794-0x0000000002B00000-0x0000000002C11000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1184-4795-0x0000000000400000-0x0000000000C40000-memory.dmp

    Filesize

    8.2MB

    Download

  • memory/1184-4796-0x00000000029E0000-0x0000000002AE1000-memory.dmp

    Filesize

    1.0MB

    Download

  • memory/1184-4797-0x0000000002660000-0x0000000002760000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1184-4798-0x0000000000C40000-0x0000000000CE1000-memory.dmp

    Filesize

    644KB

    Download

  • memory/1184-4799-0x0000000003DD0000-0x0000000003DE0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1184-4800-0x0000000000400000-0x0000000000C40000-memory.dmp

    Filesize

    8.2MB

    Download