Analysis
-
max time kernel
28s -
max time network
30s -
platform
windows7_x64 -
resource
win7-20221111-en -
resource tags
arch:x64 arch:x86 image:win7-20221111-en locale:en-us os:windows7-x64 system -
submitted
14-02-2023 05:59
Behavioral task
behavioral1
Sample
1d012d992193baef6c24184e8997344ae91d85e4ff38251e4ff118320b87e667.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
1d012d992193baef6c24184e8997344ae91d85e4ff38251e4ff118320b87e667.exe
Resource
win10v2004-20220901-en
General
-
Target
1d012d992193baef6c24184e8997344ae91d85e4ff38251e4ff118320b87e667.exe
-
Size
957KB
-
MD5
5f8de7ccc5e6c044632a1a6c720c2ac6
-
SHA1
141979864304f786e05e30a79254e15ee780e96b
-
SHA256
1d012d992193baef6c24184e8997344ae91d85e4ff38251e4ff118320b87e667
-
SHA512
2f04810b39c1d45eef6009e6a48de9d693c4d57661b46d5f23a85840ed4bbd73271813b5e2841309d0d9cc8983111157a6e67c6a03aacd4d8a0329d9be03bcb8
-
SSDEEP
24576:7Xof7FpafAQDL9y+sg9hYDeKc1s08f8sHi2mfj:zoxpSAQP9zeE1snf8X2m7
Malware Config
Signatures
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
-
Suspicious use of SetWindowsHookEx 2 IoCs
Processes:
1d012d992193baef6c24184e8997344ae91d85e4ff38251e4ff118320b87e667.exe
pid process
1508 1d012d992193baef6c24184e8997344ae91d85e4ff38251e4ff118320b87e667.exe
1508 1d012d992193baef6c24184e8997344ae91d85e4ff38251e4ff118320b87e667.exe
Processes
Network
MITRE ATT&CK Enterprise v6
Downloads
-
memory/1508-54-0x00000000757E1000-0x00000000757E3000-memory.dmp
Filesize
8KB