f5ea6757b4197a0ddf0dfa4b0f50221710f7c8beca2731264d7f5201ae7356aa | Triage

Analysis

max time kernel
33s
max time network
36s
platform
windows7_x64
resource
win7v20201028
submitted
10-04-2021 11:32

Sharing

Report Analysis Logs

General

Target

Epson.Easy.Photo.Print.2.2.6.0.keygen.exe

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\Epson.Easy.Photo.Print.2.2.6.0.keygen.exe
"C:\Users\Admin\AppData\Local\Temp\Epson.Easy.Photo.Print.2.2.6.0.keygen.exe"
1⤵
PID:2032

C:\Windows\system32\LogonUI.exe
"LogonUI.exe" /flags:0x0
1⤵
PID:2024

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2024-62-0x000007FEFC511000-0x000007FEFC513000-memory.dmp

Filesize
8KB

Download
memory/2024-63-0x0000000002840000-0x0000000002841000-memory.dmp

Filesize
4KB

Download
memory/2032-60-0x0000000075C31000-0x0000000075C33000-memory.dmp

Filesize
8KB

Download
memory/2032-61-0x0000000074F21000-0x0000000074F23000-memory.dmp

Filesize
8KB

Download