70b4505b528c9f86bc34eb6ef7115cd840c537a6380f163f504410725e044272 | Triage

Analysis

max time kernel
42s
max time network
33s
platform
windows7_x64
resource
win7-20221111-en
resource tags

arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
submitted
23-11-2022 09:54

Sharing

Report Analysis Logs

General

Target

70b4505b528c9f86bc34eb6ef7115cd840c537a6380f163f504410725e044272.exe
Size

199KB
MD5

f3cfd6ba60551bdeded9cdb62bbd9c61
SHA1

3e3ff639e05aaeafe1d695413c74f72011c27990
SHA256

70b4505b528c9f86bc34eb6ef7115cd840c537a6380f163f504410725e044272
SHA512

9bbc3a867275f5984f116ed009b4ae2a99667bf76bf55e55c4c2ab0c5f0ab70783d2b648b5ad2b6e68032aa5ae88a8e24591f3da34f203fb552baeb17255a95c
SSDEEP

6144:HME1nmg1tDbJ5621YNXSTJth2rF4TtarHrPeec9kCC:sgnJm6RaLDe9E

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\70b4505b528c9f86bc34eb6ef7115cd840c537a6380f163f504410725e044272.exe
"C:\Users\Admin\AppData\Local\Temp\70b4505b528c9f86bc34eb6ef7115cd840c537a6380f163f504410725e044272.exe"
1⤵
PID:1628

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1628-54-0x00000000754C1000-0x00000000754C3000-memory.dmp

Filesize
8KB

Download