772224a96b3442d1be17b1c02ed1d5f68cb03e3351f6b4ad0a7e4dfb8b8f9258 | Triage

Analysis

max time kernel
36s
max time network
41s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
01/12/2022, 15:26

Sharing

Report Analysis Logs

General

Target

772224a96b3442d1be17b1c02ed1d5f68cb03e3351f6b4ad0a7e4dfb8b8f9258.asp
Size

2KB
MD5

5e3f3cf1c66ace3edfde8ef996019641
SHA1

6f25617bdd417426375ad301627efd9ae63b50ad
SHA256

772224a96b3442d1be17b1c02ed1d5f68cb03e3351f6b4ad0a7e4dfb8b8f9258
SHA512

1438b029435d9499f5c9437ecb3bb395c964e2971efd258efc018bd1be3d246f21d1da2776ecfe2671e1fd19500ec5807cff5bc4e0e5ab5df606811e0953d788

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\772224a96b3442d1be17b1c02ed1d5f68cb03e3351f6b4ad0a7e4dfb8b8f9258.asp
1⤵
PID:1256

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1256-54-0x000007FEFB5B1000-0x000007FEFB5B3000-memory.dmp

Filesize
8KB

Download