79d5d2ba5c3966283408c5f326cead54e69cb684d0e5aca866e029cd2a6c0400 | Triage

Analysis

max time kernel
97s
max time network
103s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
11-10-2022 15:23

Sharing

Report Analysis Logs

General

Target

79d5d2ba5c3966283408c5f326cead54e69cb684d0e5aca866e029cd2a6c0400.vbs
Size

3KB
MD5

7d1af627c59d8a75918789488a1deb97
SHA1

6d114e3ce09463406d44fb36698db7ab50ff3cce
SHA256

79d5d2ba5c3966283408c5f326cead54e69cb684d0e5aca866e029cd2a6c0400
SHA512

199b10ff9b144badc14762483e0494dcd20113b565e2d8c6c9234ca75d5270f41054595838500fc88048473873532ebcd5a81629044129c1a6bb2f928c70f3c6

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

C:\Windows\System32\WScript.exe
"C:\Windows\System32\WScript.exe" "C:\Users\Admin\AppData\Local\Temp\79d5d2ba5c3966283408c5f326cead54e69cb684d0e5aca866e029cd2a6c0400.vbs"
1⤵
PID:932

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads