Analysis
-
max time kernel
158s -
max time network
179s -
platform
windows10-2004_x64 -
resource
win10v2004-20221111-en -
resource tags
-
submitted
29/11/2022, 11:23
General
-
Target
bbb949339ee140188f44e4dfcbc27b6ea9caaa73a67073f36e07be953b8a229c.exe
-
Size
1.1MB
-
MD5
ef7eddc21c2a669295b57bf909c8479d
-
SHA1
f22b90ba7d28d69b0f456870bdae5fd64b184a36
-
SHA256
bbb949339ee140188f44e4dfcbc27b6ea9caaa73a67073f36e07be953b8a229c
-
SHA512
d66ea54441b9b0084ec0cf31e13541b6c339da7f9c640822e9419ae91b355dc393c59e01918e4bac980c88aff764745da748992a346e019d9c87794356865b44
-
SSDEEP
24576:56VB64gTEVHbtphLcDHya1G7BBfvDn/3VKPPeNtre6YvYcwee92t8Cf:56Vw4gYb7hLcDHy4+jROeNJe6cwee92P
Score
3/10
Malware Config
Signatures
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
Processes
-
C:\Users\Admin\AppData\Local\Temp\bbb949339ee140188f44e4dfcbc27b6ea9caaa73a67073f36e07be953b8a229c.exe"C:\Users\Admin\AppData\Local\Temp\bbb949339ee140188f44e4dfcbc27b6ea9caaa73a67073f36e07be953b8a229c.exe"1⤵