Analysis
-
max time kernel
278s -
max time network
305s -
platform
windows10-2004_x64 -
resource
win10v2004-20221111-en -
resource tags
arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system -
submitted
29-11-2022 21:29
Static task
static1
Behavioral task
behavioral1
Sample
1bda31487ac5e04d007f0e2268a19544de8ede84df20008be1185c0034b1119b.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
1bda31487ac5e04d007f0e2268a19544de8ede84df20008be1185c0034b1119b.exe
Resource
win10v2004-20221111-en
General
-
Target
1bda31487ac5e04d007f0e2268a19544de8ede84df20008be1185c0034b1119b.exe
-
Size
4.1MB
-
MD5
c554f5bc12ea046ad9722ff24ce5bb0f
-
SHA1
e729d5931f379aab9c9949732ddb43107270899a
-
SHA256
1bda31487ac5e04d007f0e2268a19544de8ede84df20008be1185c0034b1119b
-
SHA512
6398d6a4ea0d94772097a12fe6de12d23b49453c2b1285d4342be4f4b7b39bef8df3132e65b20f73159bc67880ceccde2f98ba700ebd40d13dc68610e9429e11
-
SSDEEP
98304:sZUg5LFvJOTI6UPap4L9NpOlnlwtHTKrvATuE:25SInk4L9jglwtz2ATuE
Malware Config
Signatures
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.