7314fa7a37001508a33a795118b54ff2a57e4580364ad0d91c3a2f337897249e | Triage

Analysis

max time kernel
37s
max time network
42s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
02/10/2022, 06:10

Sharing

Report Analysis Logs

General

Target

7314fa7a37001508a33a795118b54ff2a57e4580364ad0d91c3a2f337897249e.exe
Size

3.0MB
MD5

766b9384543617b41a616234507aac57
SHA1

1ab7b5b0cd23d063d78068e41b5f8f5fa8176736
SHA256

7314fa7a37001508a33a795118b54ff2a57e4580364ad0d91c3a2f337897249e
SHA512

3945aabcbd401caec2fd0309be7b9ddee9a6ca54dd759b205f2f0c3c73ed0ac89862cbee8ab0058cf599e94508fc32b29fdb7b4d094828d185e31eb911f620a3
SSDEEP

49152:TuIYMPMmxjzN+5l++rPYSsBiSKp2YEFF4bCcX+J+tKaEnc5bR:TuIYcMmV85o+DFm5PYbWcK+tKaEsN

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\7314fa7a37001508a33a795118b54ff2a57e4580364ad0d91c3a2f337897249e.exe
"C:\Users\Admin\AppData\Local\Temp\7314fa7a37001508a33a795118b54ff2a57e4580364ad0d91c3a2f337897249e.exe"
1⤵
PID:1988

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1988-54-0x0000000075911000-0x0000000075913000-memory.dmp

Filesize
8KB

Download