Analysis
-
max time kernel
150s -
max time network
178s -
platform
windows10-2004_x64 -
resource
win10v2004-20220812-en -
resource tags
-
submitted
19/10/2022, 15:21
General
-
Target
af2fabb82b0c76eeb96c076bddf53b7eb599efa2648be4c022c44693f55eb4b8.exe
-
Size
892KB
-
MD5
91a277232857e256ef7f9944a324aa30
-
SHA1
9a59dbd26714dfebc6ee783f54891c79201e4895
-
SHA256
af2fabb82b0c76eeb96c076bddf53b7eb599efa2648be4c022c44693f55eb4b8
-
SHA512
878ef03c7506bd08a0f63798f25756f744302b62bebf3ce5f0eb2258d658f04dc186a9a596efd302530c280e6c7e72aec97646985c868821ba8d4429870563d6
-
SSDEEP
24576:7M/wOF9ZHQTslXZliDQ754v8sOljisyuJAMM1T52Zu9Ipl:wVHiCJ4Q7K8sOtisy8AMmnIpl
Score
3/10
Malware Config
Signatures
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
Processes
-
C:\Users\Admin\AppData\Local\Temp\af2fabb82b0c76eeb96c076bddf53b7eb599efa2648be4c022c44693f55eb4b8.exe"C:\Users\Admin\AppData\Local\Temp\af2fabb82b0c76eeb96c076bddf53b7eb599efa2648be4c022c44693f55eb4b8.exe"1⤵