Analysis
-
max time kernel
91s -
max time network
157s -
platform
windows10-2004_x64 -
resource
win10v2004-20220812-en -
resource tags
-
submitted
04-10-2022 07:21
General
-
Target
e6183598c090cac5b4209352f64cd7b45b9287d940d4e0bf24db6d62ef9fd36a.exe
-
Size
335KB
-
MD5
45a5cf29e3f7b0fa79a46eb855979820
-
SHA1
8c859dcbddeac8edc9ee3c299aabc85d5fa2f928
-
SHA256
e6183598c090cac5b4209352f64cd7b45b9287d940d4e0bf24db6d62ef9fd36a
-
SHA512
9a970385fd79211d7acae70ca4e75692fec2182f8f94fb0b3e25cd80b69f7fd70bd0e560fcaafa319fe38c7cfd9f177d6c7f693f36c6b31612e5993019201e52
-
SSDEEP
6144:3eTeM/nwFduF5gh8HafVR6A272Yx6lTYfknoERSZdSwmIaPD1aYqRjZlb5:7M/wFIFW86fAKgQTnsSwSD1j6Zlb5
Score
3/10
Malware Config
Signatures
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
Processes
-
C:\Users\Admin\AppData\Local\Temp\e6183598c090cac5b4209352f64cd7b45b9287d940d4e0bf24db6d62ef9fd36a.exe"C:\Users\Admin\AppData\Local\Temp\e6183598c090cac5b4209352f64cd7b45b9287d940d4e0bf24db6d62ef9fd36a.exe"1⤵