2827772c694257f02892bfc37635cb4f7e873e598bdca9a3e43bc5dd92709543 | Triage

Resubmissions

26-09-2022 22:23

220926-2at38sdbhl 10

26-09-2022 19:56

220926-ynv1xabhd5 10

26-09-2022 18:58

220926-xmwqdabgd6 10

26-09-2022 12:36

220926-ps571abhhq 10

Analysis

max time kernel
43s
max time network
46s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
26-09-2022 12:36

Sharing

Report Analysis Logs

General

Target

banners/impalpablePopularization.js
Size

221B
MD5

3fcfe2d081b471c6caaaf0d898c4868c
SHA1

e674d8c8b422c616fb9680a2b8605b0a062171e6
SHA256

31c56f4aa09b731e42f72f8346121922121e9b22c8de36a2a217e74a11fa43d7
SHA512

82c2817684289d1202f7f88cb7f139bdf5ae9b83616388095cc04f9d878590f6bf96bb84747eba45c6c12316cbdffa99674d783ec035b34b267bbc59784586c5

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\banners\impalpablePopularization.js
1⤵
PID:1492

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1492-54-0x000007FEFBD81000-0x000007FEFBD83000-memory.dmp

Filesize
8KB

Download