Analysis
max time kernel: 90s
max time network: 155s
platform: windows10-2004_x64
resource: win10v2004-20220901-en
resource tags: arch:x64 arch:x86 image:win10v2004-20220901-en locale:en-us os:windows10-2004-x64 system
submitted: 07/11/2022, 14:28
Static task: static1
Behavioral task: behavioral1
Sample: 04b72f8d7e6d2ed2bf51e146f1ec4030b3c4e2c9105881e0f5da6ae63345559a.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 04b72f8d7e6d2ed2bf51e146f1ec4030b3c4e2c9105881e0f5da6ae63345559a.exe
Resource: win10v2004-20220901-en
General
Target: 04b72f8d7e6d2ed2bf51e146f1ec4030b3c4e2c9105881e0f5da6ae63345559a.exe
Size: 946KB
MD5: 1310c2bf805ee9f05355dd73da1cf870
SHA1: 06c29f70f4ff9092801fb54299f352da704b4863
SHA256: 04b72f8d7e6d2ed2bf51e146f1ec4030b3c4e2c9105881e0f5da6ae63345559a
SHA512: 6bb6b9f0b3af8f2eca5ff36b075a24eca9df7a0e06e2765dc8b8cc09632e6e619c5f2c94bf29ee73ffc075498a786cf3f7c5158ea8ff73a997ffde9382ef7988
SSDEEP: 24576:CPRGmay4PjE9bUix084d2mVWca83VSQCbLL0X:8GfjkoPwx8cHbLIX
Malware Config
Signatures
Enumerates physical storage devices (1 TTPs)
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.