Analysis
max time kernel: 162s
max time network: 196s
platform: windows10-2004_x64
resource: win10v2004-20221111-en
resource tags: arch:x64, arch:x86, image:win10v2004-20221111-en, locale:en-us, os:windows10-2004-x64, system
submitted: 02-12-2022 17:17
Static task: static1
Behavioral task: behavioral1
Sample: ca53499d00dd4ad9d83f090a3ea4bafcd359c6f529e4e947812cc08476c4bfc7.exe
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: ca53499d00dd4ad9d83f090a3ea4bafcd359c6f529e4e947812cc08476c4bfc7.exe
Resource: win10v2004-20221111-en
General
Target: ca53499d00dd4ad9d83f090a3ea4bafcd359c6f529e4e947812cc08476c4bfc7.exe
Size: 1.2MB
MD5: ad82467b297969e020f7e708291acf09
SHA1: d58caa48fd7ec2b118fcd9d0eb5a3cea87e14548
SHA256: ca53499d00dd4ad9d83f090a3ea4bafcd359c6f529e4e947812cc08476c4bfc7
SHA512: a5b17f9c7d8f84c11f554fe8527f48c6d9b19c76520869152a70f432fdc36892be3f680fe8e86e83f077fa79573a96281f7f6910c504599b011016fbe263c875
SSDEEP: 24576:nNT4Ul4BuN5jrgTxkRMP4lBFTtExwPENE/H+RFGraJBGXKhZBV1BGClDrJ:d4Bujj8Tx+/FmxwP4uej/zGXgVLDrJ
Malware Config
Signatures
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.