01e2bf1d84f8f5f546ba7597b300c30e7c4bfb59fc1cab745872c9e8436cda22 | Triage

Analysis

max time kernel
49s
max time network
111s
platform
windows10_x64
resource
win10v20210410
submitted
05-05-2021 20:57

Sharing

Report Analysis Logs

General

Target

IMPLODE.DLL
Size

18KB
MD5

0a0324a4282df0f2c3129e5bd84077bc
SHA1

5a4fb357ad6a245f75213c5f5593ab8f57e613df
SHA256

11b4c417769c5c4729165c8ca0567f7d3b06d4b82998ab297d59adbad9f74d5f
SHA512

6074ae20f520449b5f3842f866bb8455b16e488c6d81bfbf898844c821d35efc036b4deeb9600502a54287050fe392bda533feb112b8a593f30ce779d1045646

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\IMPLODE.DLL
1⤵
PID:2016

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...