173c22fc66adbc2b75ab9da34bac55db839a4e7e48c0b292a73601ac601a565f | Triage

Analysis

max time kernel
43s
max time network
47s
platform
windows7_x64
resource
win7-20220901-en
resource tags

arch:x64arch:x86image:win7-20220901-enlocale:en-usos:windows7-x64system
submitted
26/11/2022, 22:34

Sharing

Report Analysis Logs

General

Target

173c22fc66adbc2b75ab9da34bac55db839a4e7e48c0b292a73601ac601a565f.exe
Size

1.6MB
MD5

0be5b595306be77115ce993eb8eb481e
SHA1

6ff38bc73fac160c5e39a09cfa8b1b65d3b78ddd
SHA256

173c22fc66adbc2b75ab9da34bac55db839a4e7e48c0b292a73601ac601a565f
SHA512

b1ee41b12097890fce172995c5e8a7bfb9b313979ddebd0b20d36d02e931bca0395141d8dc1d9a133839c67ac1d1f7420e59416009bc373cbe203f9a10d4608c
SSDEEP

24576:JgkVgXokEU9p4+bWc5UToxclInJQkpSTyacEKTcPYaSt5YE27ynY1gIRB:JD85f4wLj/mUSWacEKTc5MYypk

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\173c22fc66adbc2b75ab9da34bac55db839a4e7e48c0b292a73601ac601a565f.exe
"C:\Users\Admin\AppData\Local\Temp\173c22fc66adbc2b75ab9da34bac55db839a4e7e48c0b292a73601ac601a565f.exe"
1⤵
PID:1760

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1760-54-0x0000000075931000-0x0000000075933000-memory.dmp

Filesize
8KB

Download