Overview

overview

3

Static

static

3

SecuriteIn...67.exe

windows7-x64

3

SecuriteIn...67.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    148s
  • max time network
    157s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
  • submitted
    05-10-2023 17:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    SecuriteInfo.com.Win32.RansomX-gen.12267.exe

  • Size

    167KB

  • MD5

    9fad3cd00c8dee4bb877f0f1fbb8dc84

  • SHA1

    3f35f0e293d43d23223d2bce976fb37df71cf83c

  • SHA256

    70c0ef97db97e10004d5b57cb0a26f02aad81cf0bbef8e06f8557acabca625ea

  • SHA512

    4b6eaa9d381be4f5b4ce21935b9e1256e6c166e42c80eb57b49632820b19a4bd1e6b28bd28eb7498ca186f26549694be36761764f7897a7f8a231344bf732ec2

  • SSDEEP

    3072:v+8t+lqKrGGyzJAaMo+E4uRW+2qJavzvT3JHK:v+8wiGSPt4Dzrd

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Win32.RansomX-gen.12267.exe
    "C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Win32.RansomX-gen.12267.exe"
    1⤵
      PID:1468
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 1468 -s 576
        2⤵
        • Program crash
        PID:2776
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 420 -p 1468 -ip 1468
      1⤵
        PID:3756
      • C:\Windows\system32\rundll32.exe
        "C:\Windows\system32\rundll32.exe" "C:\Windows\SYSTEM32\EDGEHTML.dll",#141 Microsoft.VCLibs.140.00_8wekyb3d8bbwe
        1⤵
          PID:2068
        • C:\Windows\System32\svchost.exe
          C:\Windows\System32\svchost.exe -k UnistackSvcGroup
          1⤵
          • Suspicious use of AdjustPrivilegeToken
          PID:2180

        Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Comms\UnistoreDB\store.jfm
          Filesize

          16KB

          MD5

          06c41dcdf9c24a9abd3e517605594ede

          SHA1

          455761f0efc7044ab3fd278d88b4f5289b6bf2bb

          SHA256

          11466c62b239994ba0271b2b09428e4d29e18a9a224381d96318f7c709e10c49

          SHA512

          6f211d0a46934797786197a52365016ecb0363c1e64d007c0fb312e466998215b714367a63c5736a006134165130774a4131f9d3b9b0cb1880118ae77c89a5c7

          Download Submit

        • memory/1468-0-0x0000000000A40000-0x0000000000A42000-memory.dmp

          Filesize

          8KB

          Download

        • memory/2180-42-0x0000019B93B80000-0x0000019B93B81000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2180-34-0x0000019B93B80000-0x0000019B93B81000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2180-43-0x0000019B93B80000-0x0000019B93B81000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2180-35-0x0000019B93B80000-0x0000019B93B81000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2180-36-0x0000019B93B80000-0x0000019B93B81000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2180-37-0x0000019B93B80000-0x0000019B93B81000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2180-38-0x0000019B93B80000-0x0000019B93B81000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2180-39-0x0000019B93B80000-0x0000019B93B81000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2180-44-0x0000019B937B0000-0x0000019B937B1000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2180-41-0x0000019B93B80000-0x0000019B93B81000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2180-69-0x0000019B93A00000-0x0000019B93A01000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2180-33-0x0000019B93B60000-0x0000019B93B61000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2180-40-0x0000019B93B80000-0x0000019B93B81000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2180-45-0x0000019B937A0000-0x0000019B937A1000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2180-47-0x0000019B937B0000-0x0000019B937B1000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2180-50-0x0000019B937A0000-0x0000019B937A1000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2180-53-0x0000019B936E0000-0x0000019B936E1000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2180-1-0x0000019B8B470000-0x0000019B8B480000-memory.dmp

          Filesize

          64KB

          Download

        • memory/2180-65-0x0000019B938E0000-0x0000019B938E1000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2180-67-0x0000019B938F0000-0x0000019B938F1000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2180-68-0x0000019B938F0000-0x0000019B938F1000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2180-17-0x0000019B8B570000-0x0000019B8B580000-memory.dmp

          Filesize

          64KB

          Download