b748ddfccbe4ead1c6cdf84ed2ca7d740723ecdff14c100f1fbe067cf62b802f | Triage

Analysis

max time kernel
41s
max time network
45s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
02-12-2022 22:10

Sharing

Report Analysis Logs

General

Target

b748ddfccbe4ead1c6cdf84ed2ca7d740723ecdff14c100f1fbe067cf62b802f.exe
Size

2.2MB
MD5

a46b31e2b52d63c8f2aeeacf26264cef
SHA1

7400c57417ffa0c8a6550ee46aa46010d162d68e
SHA256

b748ddfccbe4ead1c6cdf84ed2ca7d740723ecdff14c100f1fbe067cf62b802f
SHA512

af89dc41132645080ff1bda595cfdbd53e54eae89e62718645d638cd7174ef17630191c487ecd56e1b1ccc845ec217c421a860f8212804d8046cece7b11cce83
SSDEEP

49152:2aaXtS6xch6t3DUZdyA0C9604HrwDf9uGq0Q:2jXtS6ah6Z2dXgrwDluGM

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\b748ddfccbe4ead1c6cdf84ed2ca7d740723ecdff14c100f1fbe067cf62b802f.exe
"C:\Users\Admin\AppData\Local\Temp\b748ddfccbe4ead1c6cdf84ed2ca7d740723ecdff14c100f1fbe067cf62b802f.exe"
1⤵
PID:1416

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1416-54-0x0000000075E81000-0x0000000075E83000-memory.dmp

Filesize
8KB

Download