Analysis

  • max time kernel
    0s
  • max time network
    1s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    20/11/2024, 12:56

General

  • Target

    BSOD/BSOD/bin/Debug/BSOD.exe

  • Size

    6KB

  • MD5

    4ec85cec090259e2ad98bc922a70cc5c

  • SHA1

    7fbc4d3a11395f373d6bb40ad7f8bdf9088853e4

  • SHA256

    dc0e9cae1e53b8f74c9bda8fc5c76c9f8a925e29275bbca0b4e35204af6c3fa3

  • SHA512

    df72554135d7dd06e60b8bb4b98617b16693127b91889a188cedc80a3e85ac3fb578ed9261bd54de465387f0cc755916dc5eb15b24e0350c91f188bc4b703cfb

  • SSDEEP

    96:fzuWnKaFWgenoraco3WNtW1jYcFKNVcz1W4oKYlLya:3RF0oZo8stYcFwVc03KY

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\BSOD\BSOD\bin\Debug\BSOD.exe
    "C:\Users\Admin\AppData\Local\Temp\BSOD\BSOD\bin\Debug\BSOD.exe"
    • Suspicious use of AdjustPrivilegeToken
    PID:2552

Network

MITRE ATT&CK Matrix

Downloads

  • memory/2552-0-0x000007FEF6313000-0x000007FEF6314000-memory.dmp

    Filesize

    4KB

  • memory/2552-1-0x0000000000160000-0x0000000000168000-memory.dmp

    Filesize

    32KB