Overview

overview

3

Static

static

IBRA_30-12...V3.rar

windows7-x64

3

IBRA_30-12...V3.rar

windows10-2004-x64

3

MODELMAPEO...v3.map

windows7-x64

3

MODELMAPEO...v3.map

windows10-2004-x64

3

MODELMAPEO..._c.lua

windows7-x64

3

MODELMAPEO..._c.lua

windows10-2004-x64

3

MODELMAPEO..._s.vbs

windows7-x64

1

MODELMAPEO..._s.vbs

windows10-2004-x64

1

MODELMAPEO...ta.xml

windows7-x64

1

MODELMAPEO...ta.xml

windows10-2004-x64

1

[IBRA-2022...o2.col

windows7-x64

3

[IBRA-2022...o2.col

windows10-2004-x64

3

[IBRA-2022...o2.dff

windows7-x64

3

[IBRA-2022...o2.dff

windows10-2004-x64

3

[IBRA-2022...nt.vbs

windows7-x64

1

[IBRA-2022...nt.vbs

windows10-2004-x64

1

[IBRA-2022...a1.txd

windows7-x64

3

[IBRA-2022...a1.txd

windows10-2004-x64

3

[IBRA-2022...v2.col

windows7-x64

3

[IBRA-2022...v2.col

windows10-2004-x64

3

[IBRA-2022...v2.dff

windows7-x64

3

[IBRA-2022...v2.dff

windows10-2004-x64

3

[IBRA-2022...v3.col

windows7-x64

3

[IBRA-2022...v3.col

windows10-2004-x64

3

[IBRA-2022...v3.dff

windows7-x64

3

[IBRA-2022...v3.dff

windows10-2004-x64

3

[IBRA-2022...t2.col

windows7-x64

3

[IBRA-2022...t2.col

windows10-2004-x64

3

[IBRA-2022...t2.dff

windows7-x64

3

[IBRA-2022...t2.dff

windows10-2004-x64

3

[IBRA-2022...ta.xml

windows7-x64

1

[IBRA-2022...ta.xml

windows10-2004-x64

1

Analysis

  • max time kernel
    90s
  • max time network
    147s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
  • submitted
    12-01-2023 05:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    IBRA_30-12-2022_Mina_2_V3.rar

  • Size

    348KB

  • MD5

    0cb91159d85168c0707818779fcddcbe

  • SHA1

    505ee1b2acbe01fac4b738c5fe5e11636bc9a44c

  • SHA256

    ce246655a1634245a92b0ba781ac4829471a12a0ae1065645d761d729deb5d6a

  • SHA512

    26c9605f2cb60204a977cfc67a8f075e05141a1ff4753b84b662bd675d04a4fed70498c93f587a644426ab141424353eca7419327572681e7f3aeca077cd9dd3

  • SSDEEP

    6144:tooPRtcvwWejV+v9g+ZdPBu/LrZ30hzAa08mj2crG8oO75swQ7334EWf:eomKOBAczAa0Zj2crG8oM+b731Wf

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

  • Modifies registry class 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\IBRA_30-12-2022_Mina_2_V3.rar
    1⤵
    • Modifies registry class
    PID:2400
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    1⤵
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:1868

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads