ae8bcbe5653bc80d30753212164d58723ec3cce6a1c4a4bc29d47fb1bdb844cc | Triage

Analysis

max time kernel
70s
max time network
128s
platform
windows10-2004_x64
resource
win10v2004-20220901-en
resource tags

arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
submitted
25/10/2022, 22:24

Sharing

Report Analysis Logs

General

Target

ae8bcbe5653bc80d30753212164d58723ec3cce6a1c4a4bc29d47fb1bdb844cc.exe
Size

139KB
MD5

80b2b2ac53f541c0b905e50218ec57a5
SHA1

97ae1cb8a3c09926c59005d59e5ca650bd68de7b
SHA256

ae8bcbe5653bc80d30753212164d58723ec3cce6a1c4a4bc29d47fb1bdb844cc
SHA512

b027f17a5ec39b6f41e75212e18c9465fdec6434e0ee7f7d21786b74a85d87d868d26bc7d1d1c56e4da991021c4c2622cd0bb01a68b4c9b9fd3ad092a11f4490
SSDEEP

3072:c3fPZsYh8c+8dURpfJu3xTyrWo/W1YdgExlnAsk+FtwmwGl:c3Zlg8dKfQ1yCougg8AYMGl

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\ae8bcbe5653bc80d30753212164d58723ec3cce6a1c4a4bc29d47fb1bdb844cc.exe
"C:\Users\Admin\AppData\Local\Temp\ae8bcbe5653bc80d30753212164d58723ec3cce6a1c4a4bc29d47fb1bdb844cc.exe"
1⤵
PID:1716

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads