3f0e3427052c3fe21787d78e2b3f2d0d8964c7c00976c44fde7f13c942da338b | Triage

Analysis

max time kernel
23s
max time network
28s
platform
windows7_x64
resource
win7-20221111-en
resource tags

arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
submitted
23-11-2022 15:33

Sharing

Report Analysis Logs

General

Target

3f0e3427052c3fe21787d78e2b3f2d0d8964c7c00976c44fde7f13c942da338b.lnk
Size

258B
MD5

f84fd8806baabcb319c6c1586c64c539
SHA1

cdc20f36fb0d47dfc6720fe57be5d4875d971325
SHA256

3f0e3427052c3fe21787d78e2b3f2d0d8964c7c00976c44fde7f13c942da338b
SHA512

ce61db242042f199b9144ad15807b3534f332a3dc3fe3573622abcf6c992094b497be146f9d173c7a4d9a8c6202054e675ed36e680685a043484d1e804d1dc06

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\3f0e3427052c3fe21787d78e2b3f2d0d8964c7c00976c44fde7f13c942da338b.lnk
1⤵
PID:1368

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1368-54-0x000007FEFBDB1000-0x000007FEFBDB3000-memory.dmp

Filesize
8KB

Download