bdd75b280b5ccca12c6842fbe45f0858e114d8b44a299eee7624b9f27087d1ae | Triage

Analysis

max time kernel
41s
max time network
32s
platform
windows7_x64
resource
win7-20221111-en
resource tags

arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
submitted
29/11/2022, 11:21

Sharing

Report Analysis Logs

General

Target

bdd75b280b5ccca12c6842fbe45f0858e114d8b44a299eee7624b9f27087d1ae.exe
Size

119KB
MD5

8d482715c8291eddf0657f5430d34b38
SHA1

eb0868f1e677de492d7d8d62b3d10d45d239be5e
SHA256

bdd75b280b5ccca12c6842fbe45f0858e114d8b44a299eee7624b9f27087d1ae
SHA512

99275fc12335df9362b848af47652516b445efd176098f4afedbdbbd37a9233f1486ed5c6db6db711b89212556d7adaccfa4a036e8afbcb4aa1510f8d7b53230
SSDEEP

3072:y1Um01743kJ9B/SxPCyH4L5ilvMt74jW2LK:6O7IbxKL5c8kDK

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\bdd75b280b5ccca12c6842fbe45f0858e114d8b44a299eee7624b9f27087d1ae.exe
"C:\Users\Admin\AppData\Local\Temp\bdd75b280b5ccca12c6842fbe45f0858e114d8b44a299eee7624b9f27087d1ae.exe"
1⤵
PID:2032

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2032-54-0x0000000076381000-0x0000000076383000-memory.dmp

Filesize
8KB

Download