d92815d03289ebe79222e9b07d92df8746d4b24c18ddae3cfd174f480943ff2f | Triage

Analysis

max time kernel
43s
max time network
49s
platform
windows7_x64
resource
win7-20220901-en
resource tags

arch:x64arch:x86image:win7-20220901-enlocale:en-usos:windows7-x64system
submitted
26/11/2022, 22:44

Sharing

Report Analysis Logs

General

Target

d92815d03289ebe79222e9b07d92df8746d4b24c18ddae3cfd174f480943ff2f.exe
Size

24.5MB
MD5

7dedc604a61470e026041e871f788422
SHA1

93480af47e9f13f488b7aaff04c944086e807acc
SHA256

d92815d03289ebe79222e9b07d92df8746d4b24c18ddae3cfd174f480943ff2f
SHA512

76e84fc2cbe3528a4022321ce17dca1c40aca3804bfc0cce61cc464c1247bfa290e3c19f29ab23c9e6e70489cb256021c86a353d00dbc9948f5f010702792a9b
SSDEEP

393216:wMY2ldUX0sqYX9bf57J0pVoKez6ZbZ7xcSn+5+K3XfbEXFjtAKqTQxCI3hYqlFQX:wMY2l2X1qwehlyC+lfqhA9ulFpNdOik

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\d92815d03289ebe79222e9b07d92df8746d4b24c18ddae3cfd174f480943ff2f.exe
"C:\Users\Admin\AppData\Local\Temp\d92815d03289ebe79222e9b07d92df8746d4b24c18ddae3cfd174f480943ff2f.exe"
1⤵
PID:996

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/996-54-0x00000000760E1000-0x00000000760E3000-memory.dmp

Filesize
8KB

Download