512d0ec30953c107f35141055d82297312123dd3b165e47c3897b7caed255d9e | Triage

Submit
Reports

Overview

overview

Static

static

Adobe_Phot...NG.exe

windows7_x64

3

Adobe_Phot...NG.exe

windows10_x64

Analysis

max time kernel
20s
max time network
20s
platform
windows7_x64
resource
win7v20201028
submitted
11-04-2021 12:28

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

Adobe_Photoshop_Cs6_13_crack_by_ViKiNG.exe

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Adobe_Photoshop_Cs6_13_crack_by_ViKiNG.exe

Resource

win10v20201028

azorult discovery evasion infostealer persistence spyware stealer trojan

windows10_x64

0 signatures

0 seconds

Report Analysis Logs

General

Target

Adobe_Photoshop_Cs6_13_crack_by_ViKiNG.exe
Size

5.3MB
MD5

b11115592cd94ecfaa46817cdd064e1b
SHA1

25454a2d15b426e64e0ff38c58831463435ba635
SHA256

512d0ec30953c107f35141055d82297312123dd3b165e47c3897b7caed255d9e
SHA512

0f2be15760bb2bff2b826549af1edb8ddbb5270a5014d406d46ae5d08938739e2345545b6fe8f9fcaabc90f9acdecad3a166259359748a3431ac6cc2b4e8466b

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

Processes

C:\Users\Admin\AppData\Local\Temp\Adobe_Photoshop_Cs6_13_crack_by_ViKiNG.exe
"C:\Users\Admin\AppData\Local\Temp\Adobe_Photoshop_Cs6_13_crack_by_ViKiNG.exe"
1⤵
PID:2032

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2032-60-0x0000000075C31000-0x0000000075C33000-memory.dmp

Filesize
8KB

Download
memory/2032-61-0x0000000074F21000-0x0000000074F23000-memory.dmp

Filesize
8KB

Download

© 2018-2024

Terms | Privacy