8ad43923fb3cd531e3b73958737e9939f75b15ecffd39e6e8ec064c263179011 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

Don't forg...s!.eml

windows10-2004-x64

3

Barra_2122...f7.png

windows10-2004-x64

3

Logo_CAMPE...db.jpg

windows10-2004-x64

3

email-html-1.html

windows10-2004-x64

8

logotipoCM...05.jpg

windows10-2004-x64

3

Analysis

max time kernel
95s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
27/10/2022, 22:55

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

Don't forget to pay the tax within 2 days!.eml

Resource

win10v2004-20220812-en

windows10-2004-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

Barra_2122f2d4-740f-49ea-a4ba-47278b732cf7.png

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral3

Sample

Logo_CAMPERO_6d51b5b5-ba21-42a3-a9f1-215ceb1330db.jpg

Resource

win10v2004-20220901-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral4

Sample

email-html-1.html

Resource

win10v2004-20220812-en

windows10-2004-x64

8 signatures

150 seconds

Behavioral task

behavioral5

Sample

logotipoCMIparausoonline[1]_63a40cf3-d8ec-4448-9bd7-95e668b2e305.jpg

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

Report Analysis Logs

General

Target

logotipoCMIparausoonline[1]_63a40cf3-d8ec-4448-9bd7-95e668b2e305.jpg
Size

13KB
MD5

ca8b65ad3add82a3ed83d49e6bddeec0
SHA1

3cd9b21dd683f47843a9625c1317e51f8cd3d0b9
SHA256

f75815782dcb34987c1f4a6c409e15a1194a1f056a1a2a00990eacf4e58beb7e
SHA512

8ce4021c1d71e80e244e567fa2612f9ad54be9fbfff58e8701d3a8370d519027e11320c795a66ce93d5a2c77b369e34e6bcf1ec7ba6b18448ae812d199ed20e6
SSDEEP

192:Y6QDd2Oy4Fv4dU6QD2gknLxrGr/KzxjtyKuUR4UhDx7il:DlpCW3LbnLxarS9AUhDx7il

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

Processes

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\logotipoCMIparausoonline[1]_63a40cf3-d8ec-4448-9bd7-95e668b2e305.jpg
1⤵
PID:3252

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2025

Terms | Privacy