Overview

overview

10

Static

static

10

Srenshare ...in.lnk

windows7-x64

3

Srenshare ...in.lnk

windows10-2004-x64

3

Srenshare ...es.lnk

windows7-x64

3

Srenshare ...es.lnk

windows10-2004-x64

3

Srenshare ...ns.lnk

windows7-x64

3

Srenshare ...ns.lnk

windows10-2004-x64

7

Srenshare ...os.lnk

windows7-x64

3

Srenshare ...os.lnk

windows10-2004-x64

7

Srenshare ...ch.lnk

windows7-x64

3

Srenshare ...ch.lnk

windows10-2004-x64

3

Srenshare ...mp.lnk

windows7-x64

3

Srenshare ...mp.lnk

windows10-2004-x64

3

Srenshare ...SS.exe

windows7-x64

3

Srenshare ...SS.exe

windows10-2004-x64

3

Srenshare ...up.exe

windows7-x64

7

Srenshare ...up.exe

windows10-2004-x64

7

Srenshare ...s-.url

windows7-x64

1

Srenshare ...s-.url

windows10-2004-x64

1

Srenshare ...1).exe

windows7-x64

7

Srenshare ...1).exe

windows10-2004-x64

7

Srenshare ...ew.exe

windows7-x64

6

Srenshare ...ew.exe

windows10-2004-x64

6

Srenshare ...in.exe

windows7-x64

5

Srenshare ...in.exe

windows10-2004-x64

7

Srenshare ... 2.lnk

windows7-x64

3

Srenshare ... 2.lnk

windows10-2004-x64

3

Srenshare ...er.exe

windows7-x64

9

Srenshare ...er.exe

windows10-2004-x64

9

Srenshare ...ew.exe

windows7-x64

6

Srenshare ...ew.exe

windows10-2004-x64

6

Srenshare ...ew.exe

windows7-x64

9

Srenshare ...ew.exe

windows10-2004-x64

9

Analysis

  • max time kernel
    119s
  • max time network
    136s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
  • submitted
    05-02-2023 01:36

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Srenshare tool/Tools/Everything-1.4.1.935.x86-Setup.exe

  • Size

    1.4MB

  • MD5

    8dd3e60cbe81c3c5e7ac5c6c40e2f598

  • SHA1

    6806cbce18bd0d05a6d5ac9324b0002ce0850d17

  • SHA256

    07ec4ed8031a33e4d34b6eb9da65bb85c26d32e9297c4b28e948c7c7397dbda0

  • SHA512

    b691581ac4eeee554509f7b38cecda6ecd5cf33a7c34a5b48f74a45f0097f097ecf9ecf3a3fcdd0915404ae87c23439e586d03675918ad365f21a42c974b3242

  • SSDEEP

    24576:Zsq19uXicXMEkLOySYHi8AMXufXs8iv3OHb0+8TetBlrHryjHBRTmsI7owQioF:ylZXMEhySY6z8n3O70+jRLyjHbTm9oxB

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 2 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

Processes

  • C:\Users\Admin\AppData\Local\Temp\Srenshare tool\Tools\Everything-1.4.1.935.x86-Setup.exe
    "C:\Users\Admin\AppData\Local\Temp\Srenshare tool\Tools\Everything-1.4.1.935.x86-Setup.exe"
    1⤵
    • Loads dropped DLL
    PID:4872

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\nsm7314.tmp\LangDLL.dll
    Filesize

    5KB

    MD5

    a1cd3f159ef78d9ace162f067b544fd9

    SHA1

    72671fdf4bfeeb99b392685bf01081b4a0b3ae66

    SHA256

    47b9e251c9c90f43e3524965aecc07bd53c8e09c5b9f9862b44c306667e2b0b6

    SHA512

    ccc70166c7d7746cd42cd0cec322b2adf4a478ff67c35d465f0f0f5b2b369c996a95557b678c09cb21b8311d8a91eed4196ddc218ea7d510f81464669b911362

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\nsm7314.tmp\System.dll
    Filesize

    11KB

    MD5

    bf712f32249029466fa86756f5546950

    SHA1

    75ac4dc4808ac148ddd78f6b89a51afbd4091c2e

    SHA256

    7851cb12fa4131f1fee5de390d650ef65cac561279f1cfe70ad16cc9780210af

    SHA512

    13f69959b28416e0b8811c962a49309dca3f048a165457051a28a3eb51377dcaf99a15e86d7eee8f867a9e25ecf8c44da370ac8f530eeae7b5252eaba64b96f4

    Download Submit