7e7bb6f9b020c21960f7cd6b774ef329f316d303c784ffd6e6727610639c4775 | Triage

Analysis

max time kernel
133s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
02/10/2022, 21:15

Sharing

Report Analysis Logs

General

Target

7e7bb6f9b020c21960f7cd6b774ef329f316d303c784ffd6e6727610639c4775.exe
Size

1.2MB
MD5

6cff6dbb5fcd6e8ffc0a844fc02ec540
SHA1

af2f304cf1dd5c7df5a0e942045672a3c8db0afb
SHA256

7e7bb6f9b020c21960f7cd6b774ef329f316d303c784ffd6e6727610639c4775
SHA512

fbc8ffe0e1bd3cf92daf7253eaa3f757553f31c3c624808b29ade9474c0edfc2da708a0be73e138764d6cf0709244d9e620a737cf1b916074c2ed46baa70758e
SSDEEP

24576:miUqYgcyyMD3U0iZjiB+jxyIb3BGScXKpd6r:mM8jiBCy6ASdpd

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\7e7bb6f9b020c21960f7cd6b774ef329f316d303c784ffd6e6727610639c4775.exe
"C:\Users\Admin\AppData\Local\Temp\7e7bb6f9b020c21960f7cd6b774ef329f316d303c784ffd6e6727610639c4775.exe"
1⤵
PID:4932

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads