66bc228367a36316372275525720f283ba3aff3c379badd71a71efc527f40e7b | Triage

Submit
Reports

Overview

overview

4

Static

static

3

.ses

windows7-x64

3

.ses

windows10-2004-x64

3

lu/nada_16...32.exe

windows7-x64

4

lu/nada_16...32.exe

windows10-2004-x64

4

lu/nada_16...xe.sig

windows7-x64

3

lu/nada_16...xe.sig

windows10-2004-x64

3

lu/nada_16...g.part

windows7-x64

3

lu/nada_16...g.part

windows10-2004-x64

3

~nsu.tmp/Au_.exe

windows7-x64

3

~nsu.tmp/Au_.exe

windows10-2004-x64

3

Analysis

max time kernel
135s
max time network
144s
platform
windows10-2004_x64
resource
win10v2004-20230221-en
resource tags

arch:x64arch:x86image:win10v2004-20230221-enlocale:en-usos:windows10-2004-x64system
submitted
26-05-2023 10:11

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

.ses

Resource

win7-20230220-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

.ses

Resource

win10v2004-20230220-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral3

Sample

lu/nada_164_046d-uipak_x32.exe

Resource

win7-20230220-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral4

Sample

lu/nada_164_046d-uipak_x32.exe

Resource

win10v2004-20230220-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral5

Sample

lu/nada_164_046d-uipak_x32.exe.sig

Resource

win7-20230220-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral6

Sample

lu/nada_164_046d-uipak_x32.exe.sig

Resource

win10v2004-20230220-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral7

Sample

lu/nada_164_046d-uipak_x32.exe.sig.part

Resource

win7-20230220-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral8

Sample

lu/nada_164_046d-uipak_x32.exe.sig.part

Resource

win10v2004-20230220-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral9

Sample

~nsu.tmp/Au_.exe

Resource

win7-20230220-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral10

Sample

~nsu.tmp/Au_.exe

Resource

win10v2004-20230221-en

windows10-2004-x64

1 signatures

150 seconds

Report Analysis Logs

General

Target

~nsu.tmp/Au_.exe
Size

84KB
MD5

0fc305680bfaa219832a762006671def
SHA1

1b83c060e7f2de074d9258e1f12d5b4c40dbac05
SHA256

046b1273b28df7611d50a560d935868989eae66635e64a89677a4d6990ae2f3d
SHA512

9e75a894ffbcd6e21553d481159b233bc06b57d745fe8e5345218ab0fe3d1d447ba03fb56340c3b8eb4053679b6f8eb04500b8aa6a46b3657e18244919fb84ea
SSDEEP

1536:VdZEszWriITJGrvopX1VF7CXjl7yE/YRN6QcIgASy6ECFkIGkA:GszWOITsEL50jl7ywqhCFvA

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Processes

C:\Users\Admin\AppData\Local\Temp\~nsu.tmp\Au_.exe
"C:\Users\Admin\AppData\Local\Temp\~nsu.tmp\Au_.exe"
1⤵
PID:4320

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2024

Terms | Privacy