55a9de905804bc97f48c8e580139c4f8ff88735db71842f5174022602c1f34ff | Triage

Analysis

max time kernel
18s
max time network
46s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
30/10/2022, 19:21 UTC

Sharing

Report Analysis Logs

General

Target

55a9de905804bc97f48c8e580139c4f8ff88735db71842f5174022602c1f34ff.exe
Size

519KB
MD5

82911d358f96f30e376f7c96e1b8f89c
SHA1

1e0b3a09cede685a9dc4f4b43b059344b07e8cc4
SHA256

55a9de905804bc97f48c8e580139c4f8ff88735db71842f5174022602c1f34ff
SHA512

df815aeb6a5fe13baca15ae24f54aa9d903871917a05500e231a7ad046d588dd0857a966901dcbecd6ef3ad6d6cb15caf5a9479d5f5c7c0d4a383ea936c25e29
SSDEEP

12288:KCy5t9UrNvc3Up0+tHMIrBj2JbFNBNpmI4zZRtHiIOLQ9iuKEd7U:AtMCkmOMXJbFSv/JivQsZ

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\55a9de905804bc97f48c8e580139c4f8ff88735db71842f5174022602c1f34ff.exe
"C:\Users\Admin\AppData\Local\Temp\55a9de905804bc97f48c8e580139c4f8ff88735db71842f5174022602c1f34ff.exe"
1⤵
PID:1732

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1732-54-0x0000000075771000-0x0000000075773000-memory.dmp

Filesize
8KB

Download