d5e9ccf1171f5f24addd7f454eb758f4b0921b94da3097ce540d9f9f25e6f5bd | Triage

Resubmissions

05/10/2022, 13:11

221005-qfb9tsedb9 1

04/10/2022, 16:13

221004-tpg38abgep 3

Analysis

max time kernel
91s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
04/10/2022, 16:13

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

Flux.app/Contents/Resources/flux-grad.png
Size

8KB
MD5

690606305a5235912387f5a5bfa2c1e2
SHA1

0db7cb795f2f24689ed1977fe5481071713bac22
SHA256

df005b63ed4289119a1c240c91d6e27b0b1cd5133c5f5eaaf56fa7eff6212ae8
SHA512

88b6e9c5c0eaa2d25f1f8010722148f47fd33666e953c62f01e902133d009f520fd2db2d27e5739a5093b3ef8e6159dbd249412e7d44c493039db4dbcee10536
SSDEEP

192:jSDS0tKg9E05THc/eW+K3ph6Q7oiQRfD4Ob/dJafI2PF8fFnz:WJXE05g/eWT5h6Q7o1f0Skg26fFz

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\Flux.app\Contents\Resources\flux-grad.png
1⤵
PID:4108

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads