27ee59c2aa3a020f2966d4946845edf9449e9f2e2ce5fdccbfe31fb2ba5d69d7

Submit
Reports

Overview

overview

Static

static

samples4 (2).zip

windows7-x64

samples4 (2).zip

windows10-2004-x64

052012a941...00.exe

windows7-x64

052012a941...00.exe

windows10-2004-x64

7005535e03...69.exe

windows7-x64

7005535e03...69.exe

windows10-2004-x64

ab65ada82b...06.exe

windows7-x64

ab65ada82b...06.exe

windows10-2004-x64

b0f8ff9688...9a.exe

windows7-x64

b0f8ff9688...9a.exe

windows10-2004-x64

b3ed13c61b...f3.exe

windows7-x64

b3ed13c61b...f3.exe

windows10-2004-x64

lockbit.pyc

windows7-x64

lockbit.pyc

windows10-2004-x64

bf01d97d76...78.exe

windows7-x64

bf01d97d76...78.exe

windows10-2004-x64

c6d3a10c9c...75.exe

windows7-x64

c6d3a10c9c...75.exe

windows10-2004-x64

e81bfaf195...94.exe

windows7-x64

e81bfaf195...94.exe

windows10-2004-x64

hc9.pyc

windows7-x64

hc9.pyc

windows10-2004-x64

ee9f253360...85.exe

windows7-x64

ee9f253360...85.exe

windows10-2004-x64

f0c2927859...a6.exe

windows7-x64

f0c2927859...a6.exe

windows10-2004-x64

Main.pyc

windows7-x64

Main.pyc

windows10-2004-x64

f2dcd2308c...87.exe

windows7-x64

f2dcd2308c...87.exe

windows10-2004-x64

f89ee06ed2...6f.exe

windows7-x64

f89ee06ed2...6f.exe

windows10-2004-x64

Analysis

max time kernel
121s
max time network
130s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
01/01/2024, 15:34

Sharing

Copy URL

Twitter E-mail

Static task

static1

4 signatures

Behavioral task

behavioral1

Sample

samples4 (2).zip

Resource

win7-20231215-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

samples4 (2).zip

Resource

win10v2004-20231215-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral3

Sample

052012a941d98920e0fed58649ccfa3b092344630d366889678fa94a26ecc300.exe

Resource

win7-20231215-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

052012a941d98920e0fed58649ccfa3b092344630d366889678fa94a26ecc300.exe

Resource

win10v2004-20231215-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

7005535e034576fdb66b5b32eb198b48d7755758e77bd66909f8dd7288c1e069.exe

Resource

win7-20231215-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

7005535e034576fdb66b5b32eb198b48d7755758e77bd66909f8dd7288c1e069.exe

Resource

win10v2004-20231215-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

ab65ada82bc55b7fb26b76eb5ed2e38ae19ff9b76c3693026f782e9f170e1706.exe

Resource

win7-20231129-en

persistence ransomware

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral8

Sample

ab65ada82bc55b7fb26b76eb5ed2e38ae19ff9b76c3693026f782e9f170e1706.exe

Resource

win10v2004-20231215-en

persistence ransomware

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral9

Sample

b0f8ff9688e743ae2fcb54a39910d02bb7687ba6821321cfe2ed44499a7e2b9a.exe

Resource

win7-20231215-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral10

Sample

b0f8ff9688e743ae2fcb54a39910d02bb7687ba6821321cfe2ed44499a7e2b9a.exe

Resource

win10v2004-20231215-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

b3ed13c61bfb6c80ff059cb8199d2c9ff457e05053f7301748e0605bd1fcd7f3.exe

Resource

win7-20231215-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral12

Sample

b3ed13c61bfb6c80ff059cb8199d2c9ff457e05053f7301748e0605bd1fcd7f3.exe

Resource

win10v2004-20231222-en

evasion persistence ransomware spyware stealer

windows10-2004-x64

26 signatures

150 seconds

Behavioral task

behavioral13

Sample

lockbit.pyc

Resource

win7-20231215-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral14

Sample

lockbit.pyc

Resource

win10v2004-20231215-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral15

Sample

bf01d97d76a6bb8f3cfbf4a697403f4b686d43fabb429a7bf9427aa70371df78.exe

Resource

win7-20231215-en

agilenet

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral16

Sample

bf01d97d76a6bb8f3cfbf4a697403f4b686d43fabb429a7bf9427aa70371df78.exe

Resource

win10v2004-20231215-en

agilenet

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral17

Sample

c6d3a10c9cad46abc555e4f5d605eab6164756acf995c7d9d123c2b46fb62b75.exe

Resource

win7-20231215-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral18

Sample

c6d3a10c9cad46abc555e4f5d605eab6164756acf995c7d9d123c2b46fb62b75.exe

Resource

win10v2004-20231215-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral19

Sample

e81bfaf195654662bf867c6be7115433e394a170e04f169558d294bbc93b3f94.exe

Resource

win7-20231215-en

upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral20

Sample

e81bfaf195654662bf867c6be7115433e394a170e04f169558d294bbc93b3f94.exe

Resource

win10v2004-20231215-en

upx

windows10-2004-x64

4 signatures

150 seconds

Behavioral task

behavioral21

Sample

hc9.pyc

Resource

win7-20231215-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral22

Sample

hc9.pyc

Resource

win10v2004-20231215-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral23

Sample

ee9f2533600c091f246273960b5a2a1b7ceba7697edc5f23d4f6a980e7304485.exe

Resource

win7-20231215-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral24

Sample

ee9f2533600c091f246273960b5a2a1b7ceba7697edc5f23d4f6a980e7304485.exe

Resource

win10v2004-20231222-en

windows10-2004-x64

4 signatures

150 seconds

Behavioral task

behavioral25

Sample

f0c292785905838d08b27bb99ab260b43fd8de580de80017fdaaab3c3d53d8a6.exe

Resource

win7-20231215-en

spyware stealer upx

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral26

Sample

f0c292785905838d08b27bb99ab260b43fd8de580de80017fdaaab3c3d53d8a6.exe

Resource

win10v2004-20231215-en

ransomware spyware stealer upx

windows10-2004-x64

7 signatures

150 seconds

Behavioral task

behavioral27

Sample

Main.pyc

Resource

win7-20231215-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral28

Sample

Main.pyc

Resource

win10v2004-20231215-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral29

Sample

f2dcd2308c18fdb56a22b7db44e60cdb9118043830e03df02dac34e4c4752587.exe

Resource

win7-20231215-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral30

Sample

f2dcd2308c18fdb56a22b7db44e60cdb9118043830e03df02dac34e4c4752587.exe

Resource

win10v2004-20231215-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral31

Sample

f89ee06ed27ff00fa5d8f6a5811a9e57063c72c9ec7d478321cdf2a2f018866f.exe

Resource

win7-20231215-en

ransomware

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral32

Sample

f89ee06ed27ff00fa5d8f6a5811a9e57063c72c9ec7d478321cdf2a2f018866f.exe

Resource

win10v2004-20231215-en

evasion ransomware

windows10-2004-x64

13 signatures

150 seconds

Report Analysis Logs

General

Target

052012a941d98920e0fed58649ccfa3b092344630d366889678fa94a26ecc300.exe
Size

3.0MB
MD5

a813a7d9f0348c18c08a8830145360a4
SHA1

46da626125575610cdde9934536c1fdd52c05817
SHA256

052012a941d98920e0fed58649ccfa3b092344630d366889678fa94a26ecc300
SHA512

12e010129989aa48ca5e680767da776122c876e11d72f011efb8503843d03ec8debb81884ecef4512c64bdf9bae40001adc2c228ca6a640621dc22ecec559317
SSDEEP

98304:WpW5QJvhA07f09Glj6Cj6OtwTf9TpR3sE196i:JOL0cjTjNc

Score

1^/10

Malware Config

Signatures

Processes

C:\Users\Admin\AppData\Local\Temp\052012a941d98920e0fed58649ccfa3b092344630d366889678fa94a26ecc300.exe
"C:\Users\Admin\AppData\Local\Temp\052012a941d98920e0fed58649ccfa3b092344630d366889678fa94a26ecc300.exe"
1⤵
PID:2292

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2292-1-0x0000000074220000-0x000000007490E000-memory.dmp

Filesize
6.9MB

Download
memory/2292-0-0x0000000000180000-0x0000000000490000-memory.dmp

Filesize
3.1MB

Download
memory/2292-2-0x0000000000740000-0x0000000000780000-memory.dmp

Filesize
256KB

Download
memory/2292-3-0x0000000000740000-0x0000000000780000-memory.dmp

Filesize
256KB

Download
memory/2292-4-0x0000000000740000-0x0000000000780000-memory.dmp

Filesize
256KB

Download
memory/2292-6-0x0000000000740000-0x0000000000780000-memory.dmp

Filesize
256KB

Download
memory/2292-5-0x0000000074220000-0x000000007490E000-memory.dmp

Filesize
6.9MB

Download