Analysis
-
max time kernel
217s -
max time network
224s -
platform
windows10-2004_x64 -
resource
win10v2004-20220812-es -
resource tags
-
submitted
31-10-2022 17:50
General
-
Target
factura.exe
-
Size
323.8MB
-
MD5
e1931fc3014602cf32c674fd33f44997
-
SHA1
198801ea4486986ee04b66fb878ad07d375e7292
-
SHA256
19c534716cf4ae570e269085517aef371065cab6e04e026460887b885ef11486
-
SHA512
6d94a21a0fdb4d7f18923350c562bc559e1f84fed49d3140027771ba60a18c339cea226b3288f1d90603d6b44be1deaa676b9106b3029a2ff7429678d9a25d99
-
SSDEEP
98304:ERKzSABguHEuJWcGX9oRYAO24IvaJn/vTgCDsYVnuKDMagFO1oTJejpOkWJaBJrg:guHb8g4lJ/vr4YIagFO10ejpRgab2Zwk
Score
3/10
Malware Config
Signatures
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
Processes
-
C:\Users\Admin\AppData\Local\Temp\factura.exe"C:\Users\Admin\AppData\Local\Temp\factura.exe"1⤵