ee65e9d7a7bc9d17e894e0b775fc0bbfb35e72c65c3d768e34bfe059d521cc16 | Triage

Submit
Reports

Overview

overview

Static

static

323389cde5...f3.exe

windows7-x64

1

323389cde5...f3.exe

windows10-2004-x64

1

365712147d...a7.exe

windows7-x64

365712147d...a7.exe

windows10-2004-x64

5474e75872...06.exe

windows7-x64

5474e75872...06.exe

windows10-2004-x64

59c59ef90d...4d.exe

windows7-x64

59c59ef90d...4d.exe

windows10-2004-x64

63fb410fc5...22.exe

windows7-x64

7

63fb410fc5...22.exe

windows10-2004-x64

7

9443472de4...e5.exe

windows7-x64

1

9443472de4...e5.exe

windows10-2004-x64

1

97a877b999...8d.exe

windows7-x64

97a877b999...8d.exe

windows10-2004-x64

a0f5def5aa...93.exe

windows7-x64

1

a0f5def5aa...93.exe

windows10-2004-x64

1

abfe442282...b1.exe

windows7-x64

1

abfe442282...b1.exe

windows10-2004-x64

1

b21f34ecfa...73.exe

windows7-x64

9

b21f34ecfa...73.exe

windows10-2004-x64

9

svchost.exe

windows7-x64

9

svchost.exe

windows10-2004-x64

9

b8ce017478...a8.exe

windows7-x64

9

b8ce017478...a8.exe

windows10-2004-x64

9

bbb4627895...f2.exe

windows7-x64

1

bbb4627895...f2.exe

windows10-2004-x64

1

bdf06acf03...63.exe

windows7-x64

1

bdf06acf03...63.exe

windows10-2004-x64

1

db3529a2d9...81.exe

windows7-x64

1

db3529a2d9...81.exe

windows10-2004-x64

1

e24b84c020...db.exe

windows7-x64

9

e24b84c020...db.exe

windows10-2004-x64

9

Resubmissions

21-01-2024 14:52

240121-r8syqaeac7 10

21-01-2024 14:51

240121-r8k8waeac5 10

01-01-2024 13:55

240101-q776kscacp 10

Analysis

max time kernel
150s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20231222-en
resource tags

arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
submitted
21-01-2024 14:51

Sharing

Static task

static1

upx medusalocker makop trigona

8 signatures

Behavioral task

behavioral1

Sample

323389cde5a3059c6c6e5c6c711d11e434a577b11dc07a9aeb7f8e1fb661ecf3.exe

Resource

win7-20231215-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

323389cde5a3059c6c6e5c6c711d11e434a577b11dc07a9aeb7f8e1fb661ecf3.exe

Resource

win10v2004-20231215-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral3

Sample

365712147d687fb2eb2d5cb612586c7d3d7364277441491a3ab379a4a1128ba7.exe

Resource

win7-20231129-en

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral4

Sample

365712147d687fb2eb2d5cb612586c7d3d7364277441491a3ab379a4a1128ba7.exe

Resource

win10v2004-20231215-en

windows10-2004-x64

14 signatures

150 seconds

Behavioral task

behavioral5

Sample

5474e75872eeb1e34cbe407c73409d4c65da7bd6aa9378b356bb3c12f316c506.exe

Resource

win7-20231215-en

persistence ransomware upx

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral6

Sample

5474e75872eeb1e34cbe407c73409d4c65da7bd6aa9378b356bb3c12f316c506.exe

Resource

win10v2004-20231222-en

windows10-2004-x64

7 signatures

150 seconds

Behavioral task

behavioral7

Sample

59c59ef90d1370297375d4e3195eabe2a031251bc939fae962a835d8336a8a4d.exe

Resource

win7-20231129-en

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral8

Sample

59c59ef90d1370297375d4e3195eabe2a031251bc939fae962a835d8336a8a4d.exe

Resource

win10v2004-20231222-en

windows10-2004-x64

8 signatures

150 seconds

Behavioral task

behavioral9

Sample

63fb410fc5267c61c5099927af714a8f5f4ba6dcdeeb1f297b022879767c7222.exe

Resource

win7-20231215-en

persistence spyware stealer

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral10

Sample

63fb410fc5267c61c5099927af714a8f5f4ba6dcdeeb1f297b022879767c7222.exe

Resource

win10v2004-20231215-en

persistence spyware stealer

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral11

Sample

9443472de461e9e7a9d7b7d89fa13815521db1ecebea5054643664953ee366e5.exe

Resource

win7-20231215-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral12

Sample

9443472de461e9e7a9d7b7d89fa13815521db1ecebea5054643664953ee366e5.exe

Resource

win10v2004-20231215-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral13

Sample

97a877b999fb2a3c8286548ac4b20f364a862b132a87272fe273c670a654ba8d.exe

Resource

win7-20231215-en

evasion ransomware

windows7-x64

18 signatures

150 seconds

Behavioral task

behavioral14

Sample

97a877b999fb2a3c8286548ac4b20f364a862b132a87272fe273c670a654ba8d.exe

Resource

win10v2004-20231215-en

evasion persistence ransomware

windows10-2004-x64

22 signatures

150 seconds

Behavioral task

behavioral15

Sample

a0f5def5aaaefa3ae538da9c643a5e381ea89cdee3e451ab1d0c52181d758593.exe

Resource

win7-20231215-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral16

Sample

a0f5def5aaaefa3ae538da9c643a5e381ea89cdee3e451ab1d0c52181d758593.exe

Resource

win10v2004-20231215-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral17

Sample

abfe4422828c6515e7b53c50a8f07dda0169f4ee34173357b6fa35b06fe144b1.exe

Resource

win7-20231129-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral18

Sample

abfe4422828c6515e7b53c50a8f07dda0169f4ee34173357b6fa35b06fe144b1.exe

Resource

win10v2004-20231222-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral19

Sample

b21f34ecfa7135153d506b3fde2a0d0bd23b44eccedc635cbfa474e321040273.exe

Resource

win7-20231215-en

persistence ransomware

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral20

Sample

b21f34ecfa7135153d506b3fde2a0d0bd23b44eccedc635cbfa474e321040273.exe

Resource

win10v2004-20231222-en

persistence ransomware

windows10-2004-x64

7 signatures

150 seconds

Behavioral task

behavioral21

Sample

svchost.exe

Resource

win7-20231215-en

discovery evasion persistence ransomware spyware stealer

windows7-x64

15 signatures

150 seconds

Behavioral task

behavioral22

Sample

svchost.exe

Resource

win10v2004-20231215-en

discovery evasion persistence ransomware

windows10-2004-x64

15 signatures

150 seconds

Behavioral task

behavioral23

Sample

b8ce0174783c9c7ec30f96f8857c356e61365562463457d3ef0d1f62f4d302a8.exe

Resource

win7-20231215-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral24

Sample

b8ce0174783c9c7ec30f96f8857c356e61365562463457d3ef0d1f62f4d302a8.exe

Resource

win10v2004-20231215-en

windows10-2004-x64

6 signatures

150 seconds

Behavioral task

behavioral25

Sample

bbb46278959b4628106319457405a8cc04681c82c2c8afa30475d50ed63417f2.exe

Resource

win7-20231215-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral26

Sample

bbb46278959b4628106319457405a8cc04681c82c2c8afa30475d50ed63417f2.exe

Resource

win10v2004-20231215-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral27

Sample

bdf06acf03785275d01d4135b432b56b31c7f352f9be3cf8eca00286251aa163.exe

Resource

win7-20231129-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral28

Sample

bdf06acf03785275d01d4135b432b56b31c7f352f9be3cf8eca00286251aa163.exe

Resource

win10v2004-20231222-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral29

Sample

db3529a2d96f82af48dd8b93615cf89ee5e0c9fe84d70222b30adcb947602881.exe

Resource

win7-20231129-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral30

Sample

db3529a2d96f82af48dd8b93615cf89ee5e0c9fe84d70222b30adcb947602881.exe

Resource

win10v2004-20231222-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral31

Sample

e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe

Resource

win7-20231215-en

ransomware spyware stealer

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral32

Sample

e24b84c0201106d00cb293da0216414c8bc60de61d8de5f7ffdcd660e67317db.exe

Resource

win10v2004-20231215-en

ransomware spyware stealer

windows10-2004-x64

5 signatures

150 seconds

Report Analysis Logs

General

Target

db3529a2d96f82af48dd8b93615cf89ee5e0c9fe84d70222b30adcb947602881.exe
Size

213KB
MD5

4b1d5fe23b954f6c80dd3f6ea0b0a0fb
SHA1

0aa970ec5a3b3c9f4731230b8186c4ed0b996136
SHA256

db3529a2d96f82af48dd8b93615cf89ee5e0c9fe84d70222b30adcb947602881
SHA512

02837a35d55d70d1b3ee62faa002b5731799055370576516dc86125081369114325722c23e55a5b6cb047e1e9c15d91eb52495155895d818a38f108b4aeca041
SSDEEP

3072:LL+mK4nBPd9/9h9OL7LUaaQS4zQtb5N5aw3IH3I/3Id:LC74BFHh9OL7NaQSoubc0IXIPI

Score

1^/10

Malware Config

Signatures

Processes

C:\Users\Admin\AppData\Local\Temp\db3529a2d96f82af48dd8b93615cf89ee5e0c9fe84d70222b30adcb947602881.exe
"C:\Users\Admin\AppData\Local\Temp\db3529a2d96f82af48dd8b93615cf89ee5e0c9fe84d70222b30adcb947602881.exe"
1⤵
PID:400

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/400-1-0x000000001BC10000-0x000000001C0DE000-memory.dmp

Filesize
4.8MB

Download
memory/400-0-0x00007FFA4A8A0000-0x00007FFA4B241000-memory.dmp

Filesize
9.6MB

Download
memory/400-2-0x00000000010C0000-0x00000000010D0000-memory.dmp

Filesize
64KB

Download
memory/400-4-0x00007FFA4A8A0000-0x00007FFA4B241000-memory.dmp

Filesize
9.6MB

Download
memory/400-3-0x000000001C180000-0x000000001C21C000-memory.dmp

Filesize
624KB

Download
memory/400-5-0x00000000010E0000-0x00000000010E8000-memory.dmp

Filesize
32KB

Download
memory/400-7-0x00000000010C0000-0x00000000010D0000-memory.dmp

Filesize
64KB

Download
memory/400-6-0x00000000010C0000-0x00000000010D0000-memory.dmp

Filesize
64KB

Download
memory/400-8-0x00007FFA4A8A0000-0x00007FFA4B241000-memory.dmp

Filesize
9.6MB

Download
memory/400-9-0x00000000010C0000-0x00000000010D0000-memory.dmp

Filesize
64KB

Download
memory/400-10-0x00000000010C0000-0x00000000010D0000-memory.dmp

Filesize
64KB

Download

© 2018-2025

Terms | Privacy