cb29eb9bf7a1fa4ea45b89617add4eee5fefa37e330e157721415406b713ba98 | Triage

Analysis

max time kernel
132s
max time network
156s
platform
windows10-2004_x64
resource
win10v2004-en-20220113
submitted
31-03-2022 04:57

Sharing

Report Analysis Logs

General

Target

id -f.jpg
Size

88KB
MD5

6f8f92f6637b11f5fd2df51945ff1b61
SHA1

ec7fb2abd6cf3a29bd383cf5937438cfe8013d8f
SHA256

3c3f6ee4d1bcb3ed8375bdb59d4287897bde859150439e8181ca73dc536a41db
SHA512

45aa058de335d9663210e0958b06e06070bc00a28e6d1af35af411e3228167f710a86e6aa256548586bfc447e83fc5792e6bbcc05597a8cf361185f3bde9f7e4

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

C:\Windows\system32\cmd.exe
cmd /c "C:\Users\Admin\AppData\Local\Temp\id -f.jpg"
1⤵
PID:1076

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...