b840d9af9d1cb9f5487e1c800f7522d023cca613fa05a9a30816c627d35d1d7d | Triage

Analysis

max time kernel
43s
max time network
46s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
01-12-2022 10:57

Sharing

Report Analysis Logs

General

Target

b840d9af9d1cb9f5487e1c800f7522d023cca613fa05a9a30816c627d35d1d7d.exe
Size

510KB
MD5

26f635ea51e15ab396624684e2844eab
SHA1

06b885fdccaf27be16927428890649103b48091f
SHA256

b840d9af9d1cb9f5487e1c800f7522d023cca613fa05a9a30816c627d35d1d7d
SHA512

8e47817a5061b50d40dc6ce5e89e94a9e5c1e22cf6b4f9bdc96cf49eea49b57f7ce2b1b59383a877b213032240b36a1a84da1e9661659b980a66cba000a977f2
SSDEEP

6144:VQq+QQbD5nBR/ht6d66U3p6V8Yg7RpqjQ6/oweQIobx2zd6Wz0s1PXbfUYtw65O2:SscqjQgNeXobud6Fs1P75nMwqMkUb

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\b840d9af9d1cb9f5487e1c800f7522d023cca613fa05a9a30816c627d35d1d7d.exe
"C:\Users\Admin\AppData\Local\Temp\b840d9af9d1cb9f5487e1c800f7522d023cca613fa05a9a30816c627d35d1d7d.exe"
1⤵
PID:1968

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1968-54-0x0000000074AB1000-0x0000000074AB3000-memory.dmp

Filesize
8KB

Download