Analysis
-
max time kernel
150s -
max time network
159s -
platform
windows10-2004_x64 -
resource
win10v2004-20220812-en -
resource tags
-
submitted
28/11/2022, 03:05
General
-
Target
6e1acd32b28fa3ea8bb7e0a3bd99ca3e6bb4f3c734d39c07fcf5e40aad743ee5.exe
-
Size
18.2MB
-
MD5
cd5a363452f33c08e3e014d39e83b4b8
-
SHA1
19d730be8cf72d036dbde5612e07b0c63e3bb82a
-
SHA256
6e1acd32b28fa3ea8bb7e0a3bd99ca3e6bb4f3c734d39c07fcf5e40aad743ee5
-
SHA512
9b0997b4c5735f5a6af34ad2c0ff237cd25aa50412405c1afd7754ae0ddb0784c9be151faf687f6d9e499d71c53ff9ee356249824932d8686b0ed65d278b3e62
-
SSDEEP
393216:dcFZe+stiFQK5ymNmVNU5SQvHCwRAv4kSt+5hKSNH/XltK+RjJv3:KLetti+oymMVNU5SQvCsAsGAS5ffTl
Score
3/10
Malware Config
Signatures
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
Processes
-
C:\Users\Admin\AppData\Local\Temp\6e1acd32b28fa3ea8bb7e0a3bd99ca3e6bb4f3c734d39c07fcf5e40aad743ee5.exe"C:\Users\Admin\AppData\Local\Temp\6e1acd32b28fa3ea8bb7e0a3bd99ca3e6bb4f3c734d39c07fcf5e40aad743ee5.exe"1⤵