5b8b7125984f46bda55aeb7b159463546919a0ad55df44c6b55a86e91eeeb892 | Triage

Analysis

max time kernel
148s
max time network
187s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
26-11-2022 21:34

Sharing

Report Analysis Logs

General

Target

红药互赞7.4破解版/下载说明.txt.lnk
Size

448B
MD5

948ba9457e4381e284c3ccafee18f39c
SHA1

5fa510c4aaf4c7dbed2c514bed976145021e39ed
SHA256

d1d77f06b4b57b855975ac828b251ebcf77a67dc6fd0f87e45303be507893fac
SHA512

fa9bc9bcd2fd526737eb2dcb38da9a9c0562bc6937709a261f994e46f0be48d29d68c8791e837dee1d80a095b7a660c7c13182884717ccb3f86110078971e3c4

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\红药互赞7.4破解版\下载说明.txt.lnk
1⤵
PID:3004

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads