f0a483652457a70fbcf19a0a26d46fcad3d231cc855a21565f5fff0e7a5d8b61 | Triage

Analysis

max time kernel
120s
max time network
122s
platform
windows10_x64
resource
win10-en-20211014
submitted
20-10-2021 00:22

Sharing

Report Analysis Logs

General

Target

ZPicture-1- 2021-10-19 at 2.24.57 PM.jpeg.jpg
Size

72KB
MD5

3588fce20df35048424d65641c8142cf
SHA1

17adecd4dbbbc7029ee9fc19ab47e7585fab39e5
SHA256

7f3afc7117629cdcf612432295be5683c9f611a266acbfccb2eb1d7b75b0fb2d
SHA512

8542ef9c89eb694390e7633bd57fa64f8721f47a4d9de036d0282fdd72204c05b33145fe7563d1fca927569cd5e0a88bef555478f8d31e133e9e57eb7f32ccb1

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

C:\Windows\system32\cmd.exe
cmd /c "C:\Users\Admin\AppData\Local\Temp\ZPicture-1- 2021-10-19 at 2.24.57 PM.jpeg.jpg"
1⤵
PID:2084

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...