512d0ec30953c107f35141055d82297312123dd3b165e47c3897b7caed255d9e | Triage

Analysis

max time kernel
20s
max time network
20s
platform
windows7_x64
resource
win7v20201028
submitted
11-04-2021 12:28

Sharing

Report Analysis Logs

General

Target

Adobe_Photoshop_Cs6_13_crack_by_ViKiNG.exe
Size

5.3MB
MD5

b11115592cd94ecfaa46817cdd064e1b
SHA1

25454a2d15b426e64e0ff38c58831463435ba635
SHA256

512d0ec30953c107f35141055d82297312123dd3b165e47c3897b7caed255d9e
SHA512

0f2be15760bb2bff2b826549af1edb8ddbb5270a5014d406d46ae5d08938739e2345545b6fe8f9fcaabc90f9acdecad3a166259359748a3431ac6cc2b4e8466b

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\Adobe_Photoshop_Cs6_13_crack_by_ViKiNG.exe
"C:\Users\Admin\AppData\Local\Temp\Adobe_Photoshop_Cs6_13_crack_by_ViKiNG.exe"
1⤵
PID:2032

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2032-60-0x0000000075C31000-0x0000000075C33000-memory.dmp

Filesize
8KB

Download
memory/2032-61-0x0000000074F21000-0x0000000074F23000-memory.dmp

Filesize
8KB

Download