Analysis

  • max time kernel
    1801s
  • max time network
    1815s
  • platform
    windows10_x64
  • resource
    win10v20201028
  • submitted
    20-11-2020 14:34

General

  • Target

    CVE-2018-15982_PoC.swf

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices ⋅ 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\CVE-2018-15982_PoC.swf
    PID:1316

Network

MITRE ATT&CK Matrix

Collection

    Command and Control

      Credential Access

        Defense Evasion

          Execution

            Exfiltration

              Impact

                Initial Access

                  Lateral Movement

                    Persistence

                      Privilege Escalation

                        Replay Monitor

                        00:00 00:00

                        Downloads