873d02bb3d248110c1db5155acd11811ba99c4689ceb2eb148fba49f712d3ff8 | Triage

Analysis

max time kernel
97s
max time network
128s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
16-11-2022 12:20

Sharing

Report Analysis Logs

General

Target

invoice.pdf.lnk
Size

1KB
MD5

82f6859bc0e99302adef28a854d15177
SHA1

d83cf532efea3f4693315005773f69785ce1e0a1
SHA256

a30e528a6ad1c5b0a3930a28b04d4fae700a799958d13e7dfa274c3ad1cd352b
SHA512

3fcaa7e431c5fe301b2b826103e0f0b7b41caec5485a08432646084adffaf00f741b98f275403689d65d8ffe9e5a9eb1edbe1db0a810f74ad53607552323d2ea

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\invoice.pdf.lnk
1⤵
PID:4940

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...