8ad43923fb3cd531e3b73958737e9939f75b15ecffd39e6e8ec064c263179011 | Triage

Analysis

max time kernel
74s
max time network
130s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
27-10-2022 23:05

Sharing

Report Analysis Logs

General

Target

Logo_CAMPERO_6d51b5b5-ba21-42a3-a9f1-215ceb1330db.jpg
Size

12KB
MD5

657b9ba4608ed0bb2dc3ad728d276a2f
SHA1

5e35d19d5511f548007130229b187beb20887ad8
SHA256

318a2a3fb551c150897e13bd2cfd9afb26b0f6de8cd5a65e8ab4ecfaadfc1445
SHA512

562732c97a0c14abf47a780ad85b2fc9265c74d5c1a893eec223053b22a603192d29f9b9439299383cc9d3400048c582b57e747b9d3ee85329dcf2910d623ba4
SSDEEP

192:lJs8lZ3/DZxcviG7H2qrtKE2vckdFg5IO3W3WOCP3pk25se:lJs8LNEH7av/ST3aCPpk2l

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\Logo_CAMPERO_6d51b5b5-ba21-42a3-a9f1-215ceb1330db.jpg
1⤵
PID:1624

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads