ba7dcbf926cdfa0bb93992ac5a03d178c41ed9532f3b16f6e6534e02a8d247a2 | Triage

Resubmissions

04/11/2022, 15:53

221104-tby5ksgeg4 10

04/11/2022, 15:29

221104-swwphsgdc4 3

04/11/2022, 14:47

221104-r52rfsgbc2 10

Analysis

max time kernel
85s
max time network
144s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
04/11/2022, 14:47

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

SS.lnk
Size

1KB
MD5

6be437c70c2ddced62b523f7dc8c4ff6
SHA1

edde62ddbc8199b01ef1312b627c269857d3f328
SHA256

204339e1c32768cd21548e785433ee3e94d7de6d243c4bc1b8b388815d94d28c
SHA512

2f300496abf6b5bf32a462f7182bb251ddb3256b3403230b37a8198a7ffc158141a307810f9641fc78998f1460669ae803df4cab39c5052d24f66820175ef89d

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\SS.lnk
1⤵
PID:3952

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads