Analysis
-
max time kernel
127s -
max time network
129s -
platform
windows10-2004_x64 -
resource
win10v2004-20230220-en -
resource tags
arch:x64 arch:x86 image:win10v2004-20230220-en locale:en-us os:windows10-2004-x64 system -
submitted
31-03-2023 18:39
Static task
static1
Behavioral task
behavioral1
Sample
csnetweb_setup.exe
Resource
win10v2004-20230220-en
General
-
Target
csnetweb_setup.exe
-
Size
8.4MB
-
MD5
70c4f556a8a517a86ad779e2adc116f2
-
SHA1
8836de77ca7175b879f1202609155c62ed63219c
-
SHA256
457fc3f810c33753d17bb2fe316de423ab8978a7a47c55355b947a958a8a87f0
-
SHA512
65c0e7de764c0c1d9178c66a60e1d09c3ebb3b476500572955b94eff96c3d6b525ae6cf3348eb5334a0808048661b57056b8aba6046006731de275ca17125ab6
-
SSDEEP
196608:Kv0QIRduBNRqLRxYOuhBTSmpQ4PpbyDGYtWek3Sp76Io5oHIIlzkk:k0pRduBzqfYJBTSmO4Pp2pUSkIgoHIIP
Malware Config
Signatures
-
Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
Processes
Network
MITRE ATT&CK Matrix ATT&CK v6
Downloads
-
C:\Hitachi\CSNETWEB\csnetweb.exe
Filesize
9.1MB
MD5
a271ec2b6eda59095f5e424cec4f9aa4
SHA1
22a62ff8b433aead69d0f3f320c046f8f1638f6b
SHA256
9ea9b4a13a84faddcf15ac1c691d6af7552131e9874da4fb65776d849d3bd006
SHA512
cf027eb81c11498a1bf1dc886f6351d3c3f3ff2f4bc72f451182bd181a01ea048f4c75036989b6e18604577048ab492819bf85f9fe364489cd0954c21d7d09bb