da2f946917909537f05accd014f56a98720b72715bc084e519973bf0cc7d49b4 | Triage

Analysis

max time kernel
112s
max time network
127s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
03/10/2022, 11:32

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

da2f946917909537f05accd014f56a98720b72715bc084e519973bf0cc7d49b4.exe
Size

80KB
MD5

690ef83f6d37eff6da02c85dffdfd973
SHA1

e42efe420fa39294a89c35122c8dc8f0f5fa8b39
SHA256

da2f946917909537f05accd014f56a98720b72715bc084e519973bf0cc7d49b4
SHA512

0bb366f03215efadf506f7d2829c60f06cd437e1488de3cf400977504eea0bf6467237e72e4929a36abd238c2b540fef60bab770e677a54f44c68127e672e115
SSDEEP

1536:Lf4exGDkeZ4mOoSgJEAJJ3b22DA9ObsfE95CLcyWqFIt3rkJkHn:z4eYZ4+1JXJJr2RkgFfJkH

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\da2f946917909537f05accd014f56a98720b72715bc084e519973bf0cc7d49b4.exe
"C:\Users\Admin\AppData\Local\Temp\da2f946917909537f05accd014f56a98720b72715bc084e519973bf0cc7d49b4.exe"
1⤵
PID:832

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads