61d52a65b076823cadc9abec36128eed1ff22a37c133de13b9a7747180a286f7 | Triage

Analysis

max time kernel
40s
max time network
45s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
20-10-2022 00:15

Sharing

Report Analysis Logs

General

Target

61d52a65b076823cadc9abec36128eed1ff22a37c133de13b9a7747180a286f7.lnk
Size

871B
MD5

91f5e53cba6a88f87752ff7a71dc76f0
SHA1

c1006a0a0b8d61b7cdcd4f17756430575ccc8b0e
SHA256

61d52a65b076823cadc9abec36128eed1ff22a37c133de13b9a7747180a286f7
SHA512

6ce1331c30a68a56bbc8fdbb612d987dc0db03d43adebc3e23b1f8a376f106e0179d9a8cfd819c366234a3fa6ce280a62c67d738f15acbd0131e4cc28b38c399

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\61d52a65b076823cadc9abec36128eed1ff22a37c133de13b9a7747180a286f7.lnk
1⤵
PID:1416

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1416-54-0x000007FEFB9F1000-0x000007FEFB9F3000-memory.dmp

Filesize
8KB

Download