92a53e17f6489ab42f049b1c492f582addd75d4aae4d68b73e5cf9286080adb2 | Triage

Analysis

max time kernel
146s
max time network
158s
platform
windows10-2004_x64
resource
win10v2004-20220901-en
resource tags

arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
submitted
07/11/2022, 06:23

Sharing

Report Analysis Logs

General

Target

92a53e17f6489ab42f049b1c492f582addd75d4aae4d68b73e5cf9286080adb2.exe
Size

242KB
MD5

08b1c7efd8c30ea5a98da61aeb156ff0
SHA1

ed21e00c7ce0ff4c4412d192e197e53cb9b4c9fb
SHA256

92a53e17f6489ab42f049b1c492f582addd75d4aae4d68b73e5cf9286080adb2
SHA512

6c3d3f8835d68163da4154add6cc4063cc2d216ac0ea6cdafa0b96fa109de3dfada16bbb0c500b90bf65c82d1f113a6d249fee972081930cc3f4526e84b6cd32
SSDEEP

6144:Ee34p1l/59Fpk0KkB8/BTP827dk4ggqNkL9ECA6dkj/mE3nzLuMtS:U1dDk0KkcBTP8SxHEC9EC9wDXzLDtS

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\92a53e17f6489ab42f049b1c492f582addd75d4aae4d68b73e5cf9286080adb2.exe
"C:\Users\Admin\AppData\Local\Temp\92a53e17f6489ab42f049b1c492f582addd75d4aae4d68b73e5cf9286080adb2.exe"
1⤵
PID:1952

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads