b1bbe88abe1f3aef0de92fdf73d3f9018c1649b16e59e6473d9eb9921e4d7176 | Triage

Analysis

max time kernel
41s
max time network
47s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
06/11/2022, 04:46

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

b1bbe88abe1f3aef0de92fdf73d3f9018c1649b16e59e6473d9eb9921e4d7176.exe
Size

772KB
MD5

29265a353f939e71b379b88ad9434ca0
SHA1

8f3f25acdd1cd733ea3c8d2e91977f0e31c3e8de
SHA256

b1bbe88abe1f3aef0de92fdf73d3f9018c1649b16e59e6473d9eb9921e4d7176
SHA512

6c4c644d9eb092aa351451e36d4a177ea888db25fbe6b465a9617db52b35ac89be3f5b24ee53f24d71cfbcbe14730ec867a93f08dd6ff79db729a126b8927eed
SSDEEP

12288:kj3HA0UjyuLF+ZPPfnEUnsEWfXsrQdAMqiQRJDv6RWoNQ+7SHcq1KWBCcKMJmX8j:kjlCyHlvANcQ3QrTitY5AJMJrL

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\b1bbe88abe1f3aef0de92fdf73d3f9018c1649b16e59e6473d9eb9921e4d7176.exe
"C:\Users\Admin\AppData\Local\Temp\b1bbe88abe1f3aef0de92fdf73d3f9018c1649b16e59e6473d9eb9921e4d7176.exe"
1⤵
PID:976

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/976-54-0x0000000075A81000-0x0000000075A83000-memory.dmp

Filesize
8KB

Download