7dc7ca24149bd2f34bc1bf8942cb3ed8730482e4e90a16b5333092ddb80bd084 | Triage

Submit
Reports

Overview

overview

Static

static

c202f1103c...72.exe

windows7_x64

3

c202f1103c...72.exe

windows10_x64

Analysis

max time kernel
151s
max time network
153s
platform
windows7_x64
resource
win7-en-20210920
submitted
24-10-2021 09:19

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

c202f1103c957930ec4cc01b43dfd472.exe

Resource

win7-en-20210920

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

c202f1103c957930ec4cc01b43dfd472.exe

Resource

win10-en-20211014

windows10_x64

0 signatures

0 seconds

Report Analysis Logs

General

Target

c202f1103c957930ec4cc01b43dfd472.exe
Size

96KB
MD5

c202f1103c957930ec4cc01b43dfd472
SHA1

ffed9fc2e035d31f1b2e098471e8ec70334ff9fc
SHA256

7dc7ca24149bd2f34bc1bf8942cb3ed8730482e4e90a16b5333092ddb80bd084
SHA512

569aa632a2677cb9d1b0186f19676161853ceea55cb6ee94cfcc6ad4b558c57a2694ab0d2dc541484e4099530b2aab742b95d08c093150efa6585d98ce6356e4

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

Processes

C:\Users\Admin\AppData\Local\Temp\c202f1103c957930ec4cc01b43dfd472.exe
"C:\Users\Admin\AppData\Local\Temp\c202f1103c957930ec4cc01b43dfd472.exe"
1⤵
PID:1416

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1416-54-0x0000000076851000-0x0000000076853000-memory.dmp

Filesize
8KB

Download

© 2018-2024

Terms | Privacy