bbf9f7fce970f3fffed91300eaa9493c04c455c3fd6ff5bd07a872ffa801de7f | Triage

Analysis

max time kernel
46s
max time network
49s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
02/12/2022, 17:28

Sharing

Report Analysis Logs

General

Target

bbf9f7fce970f3fffed91300eaa9493c04c455c3fd6ff5bd07a872ffa801de7f.exe
Size

918KB
MD5

b6eaaa917d6c0c5a2dbc9913ca607426
SHA1

ddf10d58ef04d07233d71d0bf3c59bddf59a9118
SHA256

bbf9f7fce970f3fffed91300eaa9493c04c455c3fd6ff5bd07a872ffa801de7f
SHA512

cb38221b8e4e6939993f31111e398deca01d61879620d0d8a29ad9f3852f202a3f4a7435b1ff2136f8e5691e3f7ab9d60f3eeb3520ded5d37ea71ab1fc714611
SSDEEP

24576:6T4UlHzrmhcTObQx1iod0+tG3DCcot3umm8XK1Zv0t+:eHXZSbQxPFGzCcot3LT6HB

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\bbf9f7fce970f3fffed91300eaa9493c04c455c3fd6ff5bd07a872ffa801de7f.exe
"C:\Users\Admin\AppData\Local\Temp\bbf9f7fce970f3fffed91300eaa9493c04c455c3fd6ff5bd07a872ffa801de7f.exe"
1⤵
PID:1996

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1996-54-0x0000000075281000-0x0000000075283000-memory.dmp

Filesize
8KB

Download