Overview

overview

7

Static

static

1

ScreenRec_...ll.exe

windows7-x64

7

ScreenRec_...ll.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    76s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    09-03-2023 19:09

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ScreenRec_webinstall_all.exe

  • Size

    430KB

  • MD5

    bf776a87851684618960380cbe2432a7

  • SHA1

    e9d91e78f658523f7e5da701cc30ec62f649510f

  • SHA256

    3fe36d00445253bf669d03f37b9e57b936ca837110ca0156ce7190616327f1f2

  • SHA512

    f7d8d136bedde342cbe2af844590c6bca5509fbd3a4176e4bc59867d6e62f66e68fc08462b35500715b044ce86c99ff59d3a981792e0d8254a1f7f40cb5fb475

  • SSDEEP

    6144:SFdKf6NxbxAcLs0ev9d3mTVjBpKUru9ouk5weQcls0ej9d3mTVjRpKUruqG4:CychevriBXru97qz0jriRXruqG4

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

Processes

  • C:\Users\Admin\AppData\Local\Temp\ScreenRec_webinstall_all.exe
    "C:\Users\Admin\AppData\Local\Temp\ScreenRec_webinstall_all.exe"
    1⤵
    • Loads dropped DLL
    PID:4964

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\nsh6874.tmp\InstallOptions.dll
    Filesize

    14KB

    MD5

    20f3184efe7edddfef3325efc25d12a5

    SHA1

    8db4c500d73f9525a7e9834df6caea2e70189939

    SHA256

    0e014352b64abc431d97460d79757cbafbf6ba997c08b608c294e1f582af269a

    SHA512

    433188957a4603c9c61ec698a720021aacf61f46ccc32d5a11bcb6f2d0b1f01e5680635707d8a0ec7a9ef2aa2a85d6dec07ded452e4cb9e280062c0bed555c1a

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\nsh6874.tmp\ioSpecial.ini
    Filesize

    669B

    MD5

    e2d694a73aa0f50602e68725690a5761

    SHA1

    5d9c69c7842b96f04d249bc7b70f3a12d737352d

    SHA256

    892a5603df79f0917b96d46b8279ac24fab758196eb87f2115f8df5bd1d2aa2e

    SHA512

    835b27adb9abdfec2533a2c0e43e3c9cfc908da173542d695e6a7e64090e07e4c2406e18365344c1e753cc47ace735a0a225af546f8dd8d6d89abddab0118cb1

    Download Submit