2827772c694257f02892bfc37635cb4f7e873e598bdca9a3e43bc5dd92709543 | Triage

Resubmissions

26-09-2022 22:23

220926-2at38sdbhl 10

26-09-2022 19:56

220926-ynv1xabhd5 10

26-09-2022 18:58

220926-xmwqdabgd6 10

26-09-2022 12:36

220926-ps571abhhq 10

Analysis

max time kernel
43s
max time network
45s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
26-09-2022 12:36

Sharing

Report Analysis Logs

General

Target

Art.lnk
Size

1KB
MD5

ad0431c9508e405c056ac73392abffe6
SHA1

9afdfce150c89b7a3c6e54bf7391109991cc50d2
SHA256

3c1d714d910f4d14eaf4698b7cec9a15a7ed92c657fb9945125bbdf3f8c767d5
SHA512

e56f719b0720b1da5e492f9f625a813443b1d74016fc4afb71fb1b0dc33e9a400faf39f2a60c4d9d5ba2a9b7358bb9ddf17ee1c5ebf8f39bcb4e52af73d04010

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\Art.lnk
1⤵
PID:1488

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1488-54-0x000007FEFC481000-0x000007FEFC483000-memory.dmp

Filesize
8KB

Download