Analysis

  • max time kernel
    146s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-uk
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240226-uk locale:uk-ua os:windows10-2004-x64 system windows
  • submitted
    03-03-2024 13:53

General

  • Target

    Ransomware/UIWIX.dll

  • Size

    211KB

  • MD5

    a933a1a402775cfa94b6bee0963f4b46

  • SHA1

    18aa7b02f933c753989ba3d16698a5ee3a4d9420

  • SHA256

    146581f0b3fbe00026ee3ebe68797b0e57f39d1d8aecc99fdc3290e9cfadc4fc

  • SHA512

    d83da3c97ffd78c42f49b7bfb50525e7c964004b4b7d9cba839c0d8bf3a5fe0424be3b3782e33c57debc6b13b5420a3fa096643c8b7376b3accfb1bc4e7d7368

  • SSDEEP

    6144:7hsIquZ3xJ7zOUTPQcXK9GMgCsO92FCPot+M:9LquZ3n6cXDM5X2FCgt+M

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\Ransomware\UIWIX.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1844
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\Ransomware\UIWIX.dll,#1
      2⤵
        PID:3416

Network

MITRE ATT&CK Matrix

Downloads

  • memory/3416-0-0x000000000ABA0000-0x000000000ABDC000-memory.dmp
    Filesize

    240KB