abc2e802e67a9ee6ed047e7679cfd592bcccaeb9057a96990fa9b8e830acb7a5 | Triage

Analysis

max time kernel
58s
max time network
42s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
07/11/2022, 06:44

Sharing

Report Analysis Logs

General

Target

abc2e802e67a9ee6ed047e7679cfd592bcccaeb9057a96990fa9b8e830acb7a5.exe
Size

191KB
MD5

63fe02d82e036558de8dbc430775c435
SHA1

b0257aca91a4464112d83bed77c97f5194b599b5
SHA256

abc2e802e67a9ee6ed047e7679cfd592bcccaeb9057a96990fa9b8e830acb7a5
SHA512

e2a7a657e4403e6208be23002fc6b2dac74b5f452a9f32c5f7ad377ad9e981dd63ad288a1ebb4286af63a3d1f7a944ca8d7b9bbdcab002264ebf87dbcc1daf08
SSDEEP

3072:HADWbKzKbQmSVdSme+xmJyD4BliqzsmmEpEmboQd+ccewkyeZyYPuvGCJ30EZ0d3:HAVySV1eY4k437d+4wkTHdS2P

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\abc2e802e67a9ee6ed047e7679cfd592bcccaeb9057a96990fa9b8e830acb7a5.exe
"C:\Users\Admin\AppData\Local\Temp\abc2e802e67a9ee6ed047e7679cfd592bcccaeb9057a96990fa9b8e830acb7a5.exe"
1⤵
PID:900

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/900-54-0x0000000075C61000-0x0000000075C63000-memory.dmp

Filesize
8KB

Download