e8c56bc5bf674b494dd03d856c03c1ecfaf70e578c09f634cf66b09534f05c02 | Triage

Resubmissions

18-11-2021 19:28

211118-x6xf1sach9 10

18-11-2021 14:06

211118-remjvagfd3 10

Analysis

max time kernel
16s
max time network
0s
platform
windows7_x64
resource
win7-de-20211014
submitted
18-11-2021 14:06

Sharing

Report Analysis Logs

General

Target

setup_x86_x64_install.exe
Size

10.5MB
MD5

b70883d05d292eeba3f756730a7d62bb
SHA1

301bc3e6004f421ed035d9f4091ebce6fc789660
SHA256

e8c56bc5bf674b494dd03d856c03c1ecfaf70e578c09f634cf66b09534f05c02
SHA512

83687a8f862f2448f1b3fdbd3523248baa1a614598ba7389d79a9c8c5debdea4bef97a048481b43a1f13cea28b73ba18f5b38775772629c253454588828128e6

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\setup_x86_x64_install.exe
"C:\Users\Admin\AppData\Local\Temp\setup_x86_x64_install.exe"
1⤵
PID:1884

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1884-55-0x00000000755A1000-0x00000000755A3000-memory.dmp

Filesize
8KB

Download