Analysis
-
max time kernel
152s -
max time network
255s -
platform
windows10-2004_x64 -
resource
win10v2004-20220812-en -
resource tags
arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system -
submitted
22-09-2022 18:44
Static task
static1
Behavioral task
behavioral1
Sample
document.lnk
Resource
win10v2004-20220812-en
Behavioral task
behavioral2
Sample
scabs/abrogatorPerennial.cmd
Resource
win10v2004-20220901-en
Behavioral task
behavioral3
Sample
scabs/figureVehicle.js
Resource
win10v2004-20220812-en
Behavioral task
behavioral4
Sample
scabs/incompetent.dll
Resource
win10v2004-20220812-en
General
-
Target
document.lnk
-
Size
1KB
-
MD5
ddf42663768c10ebabc074aa5f8ef92d
-
SHA1
79318bfab937682bc0e44488545acb370bb62743
-
SHA256
12904b678aa06d5fae5b606f29844d59e5351403c70ba5c108c2af0a2e2fa64b
-
SHA512
336658542e644b97146b4b80fd8c36c82c3e50a77aa67fd3bfc862a3ab69f8f5ba39b03965b59e249bc7f7bacc42f0e916cf81ac5437a8cbfcca9996af8530ba
Malware Config
Signatures
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.