784ef2bd5fbe9b3bc5ab26357d8641bd327170be55ced6d009ea93b61b294a3a | Triage

Submit
Reports

Overview

overview

Static

static

logo.png

windows7_x64

3

logo.png

windows10-2004_x64

3

requiremen...er.exe

windows7_x64

requiremen...er.exe

windows10-2004_x64

Analysis

max time kernel
122s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20220414-en
submitted
21-05-2022 01:24

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

logo.png

Resource

win7-20220414-en

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

logo.png

Resource

win10v2004-20220414-en

windows10-2004_x64

0 signatures

0 seconds

Behavioral task

behavioral3

Sample

requirements and delivery order.exe

Resource

win7-20220414-en

masslogger collection ransomware spyware stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral4

Sample

requirements and delivery order.exe

Resource

win10v2004-20220414-en

masslogger spyware stealer

windows10-2004_x64

0 signatures

0 seconds

Report Analysis Logs

General

Target

logo.png
Size

24KB
MD5

288e1f85f54d02c49c067dd67c23cd3c
SHA1

da51d3133e1c7b60eddc9c84a49ba87a3f50b0f3
SHA256

feef61e1595e7c083ea88d4ef0bcac74a6edbad043b21ee5802f262c2a858520
SHA512

b308146f3294bc0a55d293b3bbf24aff6c42f25bd0bdef1fa8b66171b13863facdfaa3ef2c05720693c2ffd72254f15106643ba9606d777e2273706a86a4d9ae

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

Processes

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\logo.png
1⤵
PID:1964

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2024

Terms | Privacy