8337db63c6bf94f672b5b7ba0ea0ab11a8bfcf0527f596584c4d265495bba137 | Triage

Analysis

max time kernel
33s
max time network
47s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
29/11/2022, 06:47

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

8337db63c6bf94f672b5b7ba0ea0ab11a8bfcf0527f596584c4d265495bba137.exe
Size

179KB
MD5

6edbf693f1a39398145362d7af418426
SHA1

5d977d2781be8d500031522e82b0e355047309c3
SHA256

8337db63c6bf94f672b5b7ba0ea0ab11a8bfcf0527f596584c4d265495bba137
SHA512

114bb1cad6874e08dba3896ee4b662d3718e4368f946f519f1fc4cf3cbf7dc4e669f0434f15824e75f8049336aa5f5c37cfd26ec3702d30071705c4f16f3923a
SSDEEP

3072:nYU94fDhmJO4Ae88SFvTgHbFQfOf0mD+b2fanr+NQfXOnJp90c6pZybwmuJKvkjr:ncZT9VTgHbGfOp+b2fanqNySj90c6KbG

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\8337db63c6bf94f672b5b7ba0ea0ab11a8bfcf0527f596584c4d265495bba137.exe
"C:\Users\Admin\AppData\Local\Temp\8337db63c6bf94f672b5b7ba0ea0ab11a8bfcf0527f596584c4d265495bba137.exe"
1⤵
PID:976

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/976-54-0x0000000075A81000-0x0000000075A83000-memory.dmp

Filesize
8KB

Download