112185d9952a6eba6630e466a529a098ce855d77e037b3d530065158babbbe47 | Triage

Analysis

max time kernel
40s
max time network
46s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
07/11/2022, 00:00

Sharing

Report Analysis Logs

General

Target

112185d9952a6eba6630e466a529a098ce855d77e037b3d530065158babbbe47.exe
Size

184KB
MD5

071dce8ac0f50a7d753ff2ef91610bff
SHA1

1872489ec8f9e53f4a83923c2e98fe5ad469ca3d
SHA256

112185d9952a6eba6630e466a529a098ce855d77e037b3d530065158babbbe47
SHA512

7f588b56a28c28f0e9853240afcd0afc0e8ed6e2e3456328a559b9c59adcf4624f97f803bf701ef48ab82406eebb192b05e585d49964230d00ac9a1540837abb
SSDEEP

3072:d1W3koFABS7dUZh9IFYLmIX4+t+V8AWCirNe7xGYm5EGNovU2T2TOQ8VfZP4k:dI2Gd4iFIjY8AZiQxkERs2GEjQk

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\112185d9952a6eba6630e466a529a098ce855d77e037b3d530065158babbbe47.exe
"C:\Users\Admin\AppData\Local\Temp\112185d9952a6eba6630e466a529a098ce855d77e037b3d530065158babbbe47.exe"
1⤵
PID:1532

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1532-54-0x0000000075091000-0x0000000075093000-memory.dmp

Filesize
8KB

Download