304e454d4e87cdc14b13fcde6f8dd57d91fd016580eeb53d848d41c874845483 | Triage

Submit
Reports

Overview

overview

4

Static

static

3

PrimoRamdi....0.exe

windows7-x64

4

PrimoRamdi....0.exe

windows10-2004-x64

4

reg/CmdColor.exe

windows7-x64

1

reg/CmdColor.exe

windows10-2004-x64

1

reg/drv.ba...rd.sys

windows7-x64

1

reg/drv.ba...rd.sys

windows10-2004-x64

1

reg/drv.ba...rd.sys

windows7-x64

1

reg/drv.ba...rd.sys

windows10-2004-x64

1

reg/drv10/fancyrd.sys

windows7-x64

1

reg/drv10/fancyrd.sys

windows10-2004-x64

1

reg/drv7/fancyrd.sys

windows7-x64

1

reg/drv7/fancyrd.sys

windows10-2004-x64

1

reg/install.bat

windows7-x64

1

reg/install.bat

windows10-2004-x64

1

Analysis

max time kernel
144s
max time network
146s
platform
windows10-2004_x64
resource
win10v2004-20230915-en
resource tags

arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
submitted
30/09/2023, 10:25

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

PrimoRamdisk_Srv_Mui_Setup_6.6.0.exe

Resource

win7-20230831-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

PrimoRamdisk_Srv_Mui_Setup_6.6.0.exe

Resource

win10v2004-20230915-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral3

Sample

reg/CmdColor.exe

Resource

win7-20230831-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

reg/CmdColor.exe

Resource

win10v2004-20230915-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral5

Sample

reg/drv.bak/win10-11_srv2016-2022/fancyrd.sys

Resource

win7-20230831-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

reg/drv.bak/win10-11_srv2016-2022/fancyrd.sys

Resource

win10v2004-20230915-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

reg/drv.bak/win7-8.1_srv2008-2012/fancyrd.sys

Resource

win7-20230831-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

reg/drv.bak/win7-8.1_srv2008-2012/fancyrd.sys

Resource

win10v2004-20230915-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

reg/drv10/fancyrd.sys

Resource

win7-20230831-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral10

Sample

reg/drv10/fancyrd.sys

Resource

win10v2004-20230915-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

reg/drv7/fancyrd.sys

Resource

win7-20230831-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral12

Sample

reg/drv7/fancyrd.sys

Resource

win10v2004-20230915-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral13

Sample

reg/install.bat

Resource

win7-20230831-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral14

Sample

reg/install.bat

Resource

win10v2004-20230915-en

windows10-2004-x64

2 signatures

150 seconds

Report Analysis Logs

General

Target

reg/drv.bak/win10-11_srv2016-2022/fancyrd.sys
Size

195KB
MD5

e1f3d26fa7f1a726296eda369d5ba691
SHA1

fa2b24d6f7add985f025e7ae51137e5ee58ed98b
SHA256

134855ab93b0c20cd11a44a50e093d4aa488c080bbcd15ea2c68094f5c47674d
SHA512

66d7ee0a0ba816f52ce0243039a799a08a88921c8bf188db58c4f549caaa0a3ab49ee7c911207cea0b85e532df165a6ebd16c7bf31ddd845ac505ca9be48dd17
SSDEEP

3072:EW4sgcIgJl+ENc/FIHiofTDMaJ7NCIiiRv2F/GuoW9Bu8I1cSqDQyvUj:EwgVocIHHTYw7sIuFvun1cyyMj

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\reg\drv.bak\win10-11_srv2016-2022\fancyrd.sys
1⤵
PID:2548
- C:\Users\Admin\AppData\Local\Temp\reg\drv.bak\win10-11_srv2016-2022\fancyrd.sys
  C:\Users\Admin\AppData\Local\Temp\reg\drv.bak\win10-11_srv2016-2022\fancyrd.sys
  2⤵
  PID:3256

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2025

Terms | Privacy