b0eeb8b5b5f9679e3e0889c2dc090eae634763d30b53b22c1b06c8105bda210b | Triage

Analysis

max time kernel
46s
max time network
50s
platform
windows7_x64
resource
win7-20220901-en
resource tags

arch:x64arch:x86image:win7-20220901-enlocale:en-usos:windows7-x64system
submitted
30-11-2022 23:07

Sharing

Report Analysis Logs

General

Target

b0eeb8b5b5f9679e3e0889c2dc090eae634763d30b53b22c1b06c8105bda210b.lnk
Size

251B
MD5

13273198e8b7c3e2f1878f8dfa334bff
SHA1

a9bea7b93d2d673641623871e72618ed0f67ea8b
SHA256

b0eeb8b5b5f9679e3e0889c2dc090eae634763d30b53b22c1b06c8105bda210b
SHA512

baa845e65363e0c4e57510445d266b135a334395080b0b131b2c47fbf462bc7452d550495bdac2a7966e963329bbb852b30079953971c80098b2c8f6323671c2

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\b0eeb8b5b5f9679e3e0889c2dc090eae634763d30b53b22c1b06c8105bda210b.lnk
1⤵
PID:1600

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1600-54-0x000007FEFB781000-0x000007FEFB783000-memory.dmp

Filesize
8KB

Download