Analysis

  • max time kernel
    39s
  • max time network
    42s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags
    arch:x64, arch:x86, image:win7-20220812-en, locale:en-us, os:windows7-x64, system
  • submitted
    15-02-2023 20:45

General

  • Target

    5622401821da8d2ce40edf3dd04ca9ab0640a1b0c3807e22fd680ac05bf5307b.exe

  • Size

    496KB

  • MD5

    12799cc8c437d6c9e5a180c18cda2e72

  • SHA1

    a8ef8b97ec34350f50772b4fe0879e64cad0acbe

  • SHA256

    5622401821da8d2ce40edf3dd04ca9ab0640a1b0c3807e22fd680ac05bf5307b

  • SHA512

    75ca4fae69d2b9b3a84eb7f2746a02636a721dfb54fb748cdc766b535624f894d5cde27f06eed5a095ec2f3424a0942e71c26b5d1cc51518c9c219fb24d16270

  • SSDEEP

    6144:5Vm+/dfP/9vH0ZVFjF+bxVztXG5D7H0lfP/9rcfe:5Vm+/F9vH2AVVztXG57H29rcfe

Score
4/10

Malware Config

Signatures

  • Drops file in Windows directory 1 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\5622401821da8d2ce40edf3dd04ca9ab0640a1b0c3807e22fd680ac05bf5307b.exe
    "C:\Users\Admin\AppData\Local\Temp\5622401821da8d2ce40edf3dd04ca9ab0640a1b0c3807e22fd680ac05bf5307b.exe"
    • Drops file in Windows directory
    • Suspicious use of SetWindowsHookEx
    PID:1044

Network

MITRE ATT&CK Enterprise v6

Downloads

  • memory/1044-54-0x0000000075C61000-0x0000000075C63000-memory.dmp

    Filesize

    8KB