d5684d184a71acb83fd2edb266e4c2c22d7fcd9ab01bfbb880da61b6b9044602 | Triage

Submit
Reports

Overview

overview

7

Static

static

d5684d184a...02.exe

windows7-x64

7

d5684d184a...02.exe

windows10-2004-x64

3

Analysis

max time kernel
278s
max time network
332s
platform
windows10-2004_x64
resource
win10v2004-20221111-en
resource tags

arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
submitted
23-11-2022 10:42

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

d5684d184a71acb83fd2edb266e4c2c22d7fcd9ab01bfbb880da61b6b9044602.exe

Resource

win7-20220901-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

d5684d184a71acb83fd2edb266e4c2c22d7fcd9ab01bfbb880da61b6b9044602.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

1 signatures

150 seconds

Report Analysis Logs

General

Target

d5684d184a71acb83fd2edb266e4c2c22d7fcd9ab01bfbb880da61b6b9044602.exe
Size

928KB
MD5

f363c65cf6eb1a1dd4290158b2bccdd8
SHA1

f6fca3f9060eefab59e8ee13fe435b0aca7d2c86
SHA256

d5684d184a71acb83fd2edb266e4c2c22d7fcd9ab01bfbb880da61b6b9044602
SHA512

9334a896403bd80c8cd78ff71030151bef760a8fcc0bb1717752dfb48e747e51e5e2ae29177d0fb7b3407f39e1818dd266c8b31120f81c261bd7b127f44fad7e
SSDEEP

12288:feOKqDbCBdFMrtgDBrnUMm7k4nAi0t3apXz1c/dHmBLo8iXLysQ:+FPURAXt3AcVHm5o8ie

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

Processes

C:\Users\Admin\AppData\Local\Temp\d5684d184a71acb83fd2edb266e4c2c22d7fcd9ab01bfbb880da61b6b9044602.exe
"C:\Users\Admin\AppData\Local\Temp\d5684d184a71acb83fd2edb266e4c2c22d7fcd9ab01bfbb880da61b6b9044602.exe"
1⤵
PID:4620

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4620-132-0x0000000000400000-0x00000000004EA780-memory.dmp

Filesize
937KB

Download

© 2018-2024

Terms | Privacy