2aa07407db6b5d3576fa0359835c61680b4ecab0607d15a0f9f8a5b6032c99ee | Triage

Submit
Reports

Overview

overview

3

Static

static

1

Компл...df.exe

windows7_x64

3

Компл...df.exe

windows10_x64

3

Analysis

max time kernel
117s
max time network
120s
platform
windows10_x64
resource
win10-en-20210920
submitted
26-09-2021 20:16

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

Комплект документов по запросу от 20.08.2021 БН.pdf.exe

Resource

win7v20210408

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Комплект документов по запросу от 20.08.2021 БН.pdf.exe

Resource

win10-en-20210920

windows10_x64

0 signatures

0 seconds

Report Analysis Logs

General

Target

Комплект документов по запросу от 20.08.2021 БН.pdf.exe
Size

1.7MB
MD5

7495d4b8448734d54e24c87a461fb8cd
SHA1

9aa95d81d4306ab186c935aae358e6084a5286d5
SHA256

258b364ab27f67fe67b70169cbf89998ad2bcf6e348d05e9426c40463f4e65e9
SHA512

d30c4526199cbc30f00cd1f59851b1a51974c9b16a36da1a2b6eb2edfba79028052cc997a095d8e0e1225f2a2fdb32a7e2db62a330c1ca07a6eca4395363ed91

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

Processes

C:\Users\Admin\AppData\Local\Temp\Комплект документов по запросу от 20.08.2021 БН.pdf.exe
"C:\Users\Admin\AppData\Local\Temp\Комплект документов по запросу от 20.08.2021 БН.pdf.exe"
1⤵
PID:2668

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2024

Terms | Privacy