Analysis
- max time kernel: 91s
- max time network: 155s
- platform: windows10-2004_x64
- resource: win10v2004-20220812-en
- resource tags: arch:x64, arch:x86, image:win10v2004-20220812-en, locale:en-us, os:windows10-2004-x64, system
- submitted: 29/11/2022, 16:25
Static task: static1
Behavioral task: behavioral1
- Sample: 8cb1295908b040c38ed9d9e0a054c51aa0238a656da9c2f379c73716bcfa2b14.exe
- Resource: win7-20221111-en
Behavioral task: behavioral2
- Sample: 8cb1295908b040c38ed9d9e0a054c51aa0238a656da9c2f379c73716bcfa2b14.exe
- Resource: win10v2004-20220812-en
General
- Target: 8cb1295908b040c38ed9d9e0a054c51aa0238a656da9c2f379c73716bcfa2b14.exe
- Size: 8.6MB
- MD5: e7c57ee0d0bfc2b32d698786a0dcdf84
- SHA1: 0375a21064a859d5c4c9ff184c8793f41446b67a
- SHA256: 8cb1295908b040c38ed9d9e0a054c51aa0238a656da9c2f379c73716bcfa2b14
- SHA512: 47c06413a41d7b8e7bdc60b5830691563b391e854fb3de27c53a2bbf31619b3b793f584cb4600c765da25d68e01514ccd482050b5875f6b655cb65cba3517493
- SSDEEP: 196608:KhT/fWW9yisiy+xWW35FBs0F+dhZx7JKth+537g/e9FD8K3N:Kh7fzEeVBs0FIF4tc7P9FDTd
Malware Config
Signatures
- Enumerates physical storage devices (1 TTPs): Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.