Analysis
-
max time kernel
255s -
max time network
296s -
platform
windows10-2004_x64 -
resource
win10v2004-20230221-es -
resource tags
arch:x64arch:x86image:win10v2004-20230221-eslocale:es-esos:windows10-2004-x64systemwindows -
submitted
03-04-2023 19:40
Static task
static1
Behavioral task
behavioral1
Sample
nnfsske3444e zgaddh0n 87gz17.exe
Resource
win7-20230220-es
Behavioral task
behavioral2
Sample
nnfsske3444e zgaddh0n 87gz17.exe
Resource
win10v2004-20230221-es
Behavioral task
behavioral3
Sample
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~8529133.exe
Resource
win7-20230220-es
Behavioral task
behavioral4
Sample
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~8529133.exe
Resource
win10v2004-20230220-es
General
-
Target
nnfsske3444e zgaddh0n 87gz17.exe
-
Size
3.0MB
-
MD5
89784e5c4913328c3710f07f85f37c68
-
SHA1
c6d91d14e828713c0ae0e86dfe500e0d0b8cd7ad
-
SHA256
067a1685ad9ece5f23192c8049c481e45b521d7144487f3fa297f6c06afe59a5
-
SHA512
9b3855391dc37d6becdc097a220b076014de479635548452816a55d7ec314e3954c015462bc421280482914f523172e960017746efe4b58b924009650fc3b23b
-
SSDEEP
49152:vjb4KhpEKoulsx+SZonEKndC6mTXsPVPml:vjbbXoulFddC6FPVPk
Malware Config
Signatures
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.