Overview
overview
6Static
static
0AC0360234...7A.msg
windows7-x64
60AC0360234...7A.msg
windows10-2004-x64
3image002.png
windows7-x64
3image002.png
windows10-2004-x64
3image004.jpg
windows7-x64
3image004.jpg
windows10-2004-x64
3image005.png
windows7-x64
3image005.png
windows10-2004-x64
3image006.png
windows7-x64
3image006.png
windows10-2004-x64
3Analysis
-
max time kernel
60s -
max time network
123s -
platform
windows10-2004_x64 -
resource
win10v2004-20220901-en -
resource tags
arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system -
submitted
25-01-2023 11:50
Static task
static1
Behavioral task
behavioral1
Sample
0AC03602341F8FF2D62978EE40C0C1E4AB86FF695FC4B27C9A34F536C9D6017A.msg
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
0AC03602341F8FF2D62978EE40C0C1E4AB86FF695FC4B27C9A34F536C9D6017A.msg
Resource
win10v2004-20220812-en
Behavioral task
behavioral3
Sample
image002.png
Resource
win7-20220812-en
Behavioral task
behavioral4
Sample
image002.png
Resource
win10v2004-20220812-en
Behavioral task
behavioral5
Sample
image004.jpg
Resource
win7-20221111-en
Behavioral task
behavioral6
Sample
image004.jpg
Resource
win10v2004-20221111-en
Behavioral task
behavioral7
Sample
image005.png
Resource
win7-20221111-en
Behavioral task
behavioral8
Sample
image005.png
Resource
win10v2004-20220901-en
Behavioral task
behavioral9
Sample
image006.png
Resource
win7-20220812-en
Behavioral task
behavioral10
Sample
image006.png
Resource
win10v2004-20221111-en
General
-
Target
image005.png
-
Size
16KB
-
MD5
e2ba0ff53b131a4021305fe1fb180b64
-
SHA1
e1bc83057d3cd25ae7fbf8f04c02c266cbb134eb
-
SHA256
e77b875878cb422861e96c86ae5ad5737824a5cb626500467f33f2e02e662154
-
SHA512
288d6ce179a465981d9f286b3ab0348e97aa99b17e2032105aae04e0878f311400006b13a077d4e9f78bd51aa4fc99794ba9ff9bdb1868a72565a9829c3b7ee6
-
SSDEEP
384:OWgPDpOMBOQLLUWgJ4vq45/gojGe1SaBzDgo6lXaIEQ:OWgtvAXPyS4tgojb1Sahgouay
Malware Config
Signatures
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.