Overview

overview

3

Static

static

1

AnyDesk (1).exe

windows7-x64

3

AnyDesk (1).exe

windows10-2004-x64

3

Analysis

  • max time kernel
    1800s
  • max time network
    1770s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230221-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230221-enlocale:en-usos:windows10-2004-x64system
  • submitted
    28-02-2023 16:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    AnyDesk (1).exe

  • Size

    3.8MB

  • MD5

    e546506082b374a0869bdd97b313fe5d

  • SHA1

    082dc6b336b41788391bad20b26f4b9a1ad724fc

  • SHA256

    fc19f3275d02764cf249dc6fe8962e06b83a4f5769cc369bc4f77b90c567df18

  • SHA512

    15a8d7c74193dffd77639b1356ccbe975d17de73d0d6d177b8ecf816d665f620adefcded37c141bac0b2d8564fbba61aca4d9b01885740f23fbcc190515cbd08

  • SSDEEP

    98304:uSCb8xJlb0VgU/vZaZKa4opQILfbsLajDMWEeq7PbUs6En5:uH8HCOUZakpAbjbsLsMmqM

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

  • Program crash 1 IoCs
  • Checks processor information in registry 2 TTPs 6 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious behavior: LoadsDriver 10 IoCs