304e454d4e87cdc14b13fcde6f8dd57d91fd016580eeb53d848d41c874845483 | Triage

Submit
Reports

Overview

overview

4

Static

static

3

PrimoRamdi....0.exe

windows7-x64

4

PrimoRamdi....0.exe

windows10-2004-x64

4

reg/CmdColor.exe

windows7-x64

1

reg/CmdColor.exe

windows10-2004-x64

1

reg/drv.ba...rd.sys

windows7-x64

1

reg/drv.ba...rd.sys

windows10-2004-x64

1

reg/drv.ba...rd.sys

windows7-x64

1

reg/drv.ba...rd.sys

windows10-2004-x64

1

reg/drv10/fancyrd.sys

windows7-x64

1

reg/drv10/fancyrd.sys

windows10-2004-x64

1

reg/drv7/fancyrd.sys

windows7-x64

1

reg/drv7/fancyrd.sys

windows10-2004-x64

1

reg/install.bat

windows7-x64

1

reg/install.bat

windows10-2004-x64

1

Analysis

max time kernel
138s
max time network
154s
platform
windows10-2004_x64
resource
win10v2004-20230915-en
resource tags

arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
submitted
30/09/2023, 10:25

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

PrimoRamdisk_Srv_Mui_Setup_6.6.0.exe

Resource

win7-20230831-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

PrimoRamdisk_Srv_Mui_Setup_6.6.0.exe

Resource

win10v2004-20230915-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral3

Sample

reg/CmdColor.exe

Resource

win7-20230831-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

reg/CmdColor.exe

Resource

win10v2004-20230915-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral5

Sample

reg/drv.bak/win10-11_srv2016-2022/fancyrd.sys

Resource

win7-20230831-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

reg/drv.bak/win10-11_srv2016-2022/fancyrd.sys

Resource

win10v2004-20230915-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

reg/drv.bak/win7-8.1_srv2008-2012/fancyrd.sys

Resource

win7-20230831-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

reg/drv.bak/win7-8.1_srv2008-2012/fancyrd.sys

Resource

win10v2004-20230915-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

reg/drv10/fancyrd.sys

Resource

win7-20230831-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral10

Sample

reg/drv10/fancyrd.sys

Resource

win10v2004-20230915-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

reg/drv7/fancyrd.sys

Resource

win7-20230831-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral12

Sample

reg/drv7/fancyrd.sys

Resource

win10v2004-20230915-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral13

Sample

reg/install.bat

Resource

win7-20230831-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral14

Sample

reg/install.bat

Resource

win10v2004-20230915-en

windows10-2004-x64

2 signatures

150 seconds

Report Analysis Logs

General

Target

reg/drv.bak/win7-8.1_srv2008-2012/fancyrd.sys
Size

215KB
MD5

7678c72289245f8dec8fd44e3c871bcb
SHA1

05815f7104d40aad1270eec866ba82335e0a7b93
SHA256

63d78ce45deb339251996fef35fd72782b0d8246418496ee5a5acf296233e639
SHA512

9c0d2a4c11cfa9acd3c63d6d3e842ef26b7f056351130888d91d30b50c10685185f5d168c1c0c846061161a305311bc8a156a83f4042c0fc05610c8e8333cf55
SSDEEP

3072:eSt8wNsgxarIONIYWN0HeTnZBmMallbqRKfpl0A0A4RrrW9UuIKVO2LC6Tc:eSVenP4qHWYlbbP0V7RuIKsuCZ

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\reg\drv.bak\win7-8.1_srv2008-2012\fancyrd.sys
1⤵
PID:220
- C:\Users\Admin\AppData\Local\Temp\reg\drv.bak\win7-8.1_srv2008-2012\fancyrd.sys
  C:\Users\Admin\AppData\Local\Temp\reg\drv.bak\win7-8.1_srv2008-2012\fancyrd.sys
  2⤵
  PID:5012

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/5012-0-0x00007FF65AA90000-0x00007FF65AAC8000-memory.dmp

Filesize
224KB

Download
memory/5012-1-0x00007FF65AA90000-0x00007FF65AAC8000-memory.dmp

Filesize
224KB

Download

© 2018-2025

Terms | Privacy