e3e56f011c3461ec10cf33755c1dabd265c837488896e55cbea3a76b28d1c44b | Triage

Analysis

max time kernel
153s
max time network
158s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
03/10/2022, 23:28

Sharing

Report Analysis Logs

General

Target

e3e56f011c3461ec10cf33755c1dabd265c837488896e55cbea3a76b28d1c44b.exe
Size

57KB
MD5

3719b94e63d332c08ec3d984c87a3de6
SHA1

db973ee3ab19d4f37ae6d17bc6717dcf814ab7b4
SHA256

e3e56f011c3461ec10cf33755c1dabd265c837488896e55cbea3a76b28d1c44b
SHA512

0e94926e305e57fbd52f3016ac6bc4bd9bd93bc22fe26fa4f7704e5d9038d7d670b6425bbe681b9c3cda9f8454227809c04d8e128138a24f04ddc64daf437f2d
SSDEEP

768:PJ1x/pAJAwlh72Qohw5FOQI1nTAwsPWNBo4wFBOV1mJTg4RoSMZeUZB/tA:PPx/CJAmx2/W5Ebnto4tmJk4Romu/tA

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\e3e56f011c3461ec10cf33755c1dabd265c837488896e55cbea3a76b28d1c44b.exe
"C:\Users\Admin\AppData\Local\Temp\e3e56f011c3461ec10cf33755c1dabd265c837488896e55cbea3a76b28d1c44b.exe"
1⤵
PID:1864

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads