Analysis
-
max time kernel
69s -
max time network
129s -
platform
windows10-2004_x64 -
resource
win10v2004-20220812-en -
resource tags
-
submitted
05-11-2022 21:50
General
-
Target
4a4ae32b26125ffedfe215be95dd01369b897cc6f56259f2b0ee0a039df33cb3.exe
-
Size
1.8MB
-
MD5
ed7eeb4dc0d4ef77514ea53963ffefdc
-
SHA1
dd8854257de04976f362aa7f59924b305e428f79
-
SHA256
4a4ae32b26125ffedfe215be95dd01369b897cc6f56259f2b0ee0a039df33cb3
-
SHA512
938ba94155bff91c8ece20d92944f213ca5424a21d4dbd1d7740480d299384c1830702fdd206dc776fbad0af2812c3c581dffebb31803427debcdbbffc831520
-
SSDEEP
49152:OMwMkRZ8zVhhMsMJVhlnuaipa7iA1sQFLcE:7iWRiVmna7/1sQFLp
Score
3/10
Malware Config
Signatures
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
Processes
-
C:\Users\Admin\AppData\Local\Temp\4a4ae32b26125ffedfe215be95dd01369b897cc6f56259f2b0ee0a039df33cb3.exe"C:\Users\Admin\AppData\Local\Temp\4a4ae32b26125ffedfe215be95dd01369b897cc6f56259f2b0ee0a039df33cb3.exe"1⤵