Analysis
max time kernel: 151s
max time network: 125s
platform: windows10-2004_x64
resource: win10v2004-20230220-en
resource tags: arch:x64, arch:x86, image:win10v2004-20230220-en, locale:en-us, os:windows10-2004-x64, system
submitted: 14-06-2023 18:21
Behavioral task: behavioral1
Sample: PEMIS.exe
Resource: win7-20230220-en, windows7-x64
2 signatures
150 seconds
Behavioral task: behavioral2
Sample: PEMIS.exe
Resource: win10v2004-20230220-en, windows10-2004-x64
2 signatures
150 seconds
General
Target: PEMIS.exe
Size: 28.9MB
MD5: 34a7eab02be0835b27e4548ad2ce048c
SHA1: 17a2337c233658d36387b9c50f43aa53feeb422e
SHA256: 0527dc9d19e95c25ca4feb22e562f5fda68a6732483c2be9f05af6f9ed005107
SHA512: 9844035a58bf8398555e556592dc7b49bc591516a91b8da00270d551e1463de2302020b3d6600bdf2c4455bb7fd2c04b15b3cf7addbd39b0174b8cff60fc3be0
SSDEEP: 786432:21NY0wjo8H/1uWX5xFYnmE0UcXSlwmKEu:IIjoQ15fgliSlwmK
Score: 3/10
Malware Config
Signatures
Enumerates physical storage devices (1 TTPs)
Attempts to interact with connected storage/optical drive(s).
Suspicious use of SetWindowsHookEx (6 IoCs)
Processes: PEMIS.exe
pid   process
1536  PEMIS.exe
1536  PEMIS.exe
1536  PEMIS.exe
1536  PEMIS.exe
1536  PEMIS.exe
1536  PEMIS.exe