f950adbd2c4ddf8d28523218ace009626ff5ab91f677727edfad842a0fda0e81 | Triage

Analysis

max time kernel
16s
max time network
34s
platform
windows7_x64
resource
win7-20221111-en
resource tags

arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
submitted
23-11-2022 15:33

Sharing

Report Analysis Logs

General

Target

f950adbd2c4ddf8d28523218ace009626ff5ab91f677727edfad842a0fda0e81.lnk
Size

252B
MD5

58cc6fab07199266fdae79c87a91faff
SHA1

91d9b2050dc9064b7d1b43eb93133b8158a40925
SHA256

f950adbd2c4ddf8d28523218ace009626ff5ab91f677727edfad842a0fda0e81
SHA512

ba572baa2ed4b285f52655dae4817bb77b17e5bbfb8957f70543ad6c3be55e3a86f0d443e063330fc19ce77c6591a21a792c8943ed7b6e97029977eade98cf0f

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\f950adbd2c4ddf8d28523218ace009626ff5ab91f677727edfad842a0fda0e81.lnk
1⤵
PID:1348

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1348-54-0x000007FEFC3C1000-0x000007FEFC3C3000-memory.dmp

Filesize
8KB

Download