34cedea8323757b0fdc32c67e67cc8a2dc5bbffd83a42f7421f40825f752600c | Triage

Analysis

max time kernel
364s
max time network
370s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
30-11-2022 22:05

Sharing

Report Analysis Logs

General

Target

metaphysic/typewrite.png
Size

43KB
MD5

5522c9e8ef8d4a5a95bb1f3d676fdc5c
SHA1

ae12bd89d36e46d1e416931d064c7b8c0867250a
SHA256

81a8fe3499c5cfc66c98b6d4935a8270eb824e1e58f60075846d49e1021c710a
SHA512

911606b88218f78b53343eea80bdde91c945fb241cecaa6b5e4991206cf966f3d479e0c3cda93734b740286946d6fe0a82f45b76937c88fc8c17a20784f75913
SSDEEP

768:t18g+tRun0DiF2ZCgX2VkNWTQHCj2qBjMTDGum2p7sc8Z/pcN7OOa48MZdX8encX:nQzICCD6NWdp4fYOBD8cDnYf

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\metaphysic\typewrite.png
1⤵
PID:5056

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...