fa627a9b20f8e74d95f738534f55b0a7458e2ad11d93ba994d05ab2abc6e2201 | Triage

Analysis

max time kernel
15s
max time network
32s
platform
windows7_x64
resource
win7-20221111-en
resource tags

arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
submitted
01-12-2022 15:10

Sharing

Report Analysis Logs

General

Target

fa627a9b20f8e74d95f738534f55b0a7458e2ad11d93ba994d05ab2abc6e2201.asp
Size

674B
MD5

7d1ebb77686a8812fa9a57a4786217cf
SHA1

3171fa76d20a51360e38e6854e0f0c1907b62588
SHA256

fa627a9b20f8e74d95f738534f55b0a7458e2ad11d93ba994d05ab2abc6e2201
SHA512

42ca06a85aee37956535c2f955a855049ae7f88cd9793e62a5690a225fec725a5be0d45126da632e8978a4786b6d925cbd361fb29c3409eadbb6e55c0da0c822

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\fa627a9b20f8e74d95f738534f55b0a7458e2ad11d93ba994d05ab2abc6e2201.asp
1⤵
PID:1888

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1888-54-0x000007FEFB941000-0x000007FEFB943000-memory.dmp

Filesize
8KB

Download