Analysis
-
max time kernel
149s -
max time network
155s -
platform
windows10-2004_x64 -
resource
win10v2004-20220812-en -
resource tags
-
submitted
03/12/2022, 13:37
General
-
Target
f5059c805d743e4f817a04426dc808721c81663acb23e956a996f988c14fd1c9.exe
-
Size
337KB
-
MD5
cbe6ac044e68dd46ec64405fb1c0ac29
-
SHA1
116a2317aee9890460ec718f04ec6f3c66e27ace
-
SHA256
f5059c805d743e4f817a04426dc808721c81663acb23e956a996f988c14fd1c9
-
SHA512
2891475b00fd0260de67a9d8f7d437b548015c7a93daf20fd4a5ed877cf7272917b3ba60005ada5c9d77d246dc8eb827d7c9e3682a014018046270becaa54cc4
-
SSDEEP
6144:rsngP1rg/QElsqaQIc7kHDPQplAkyGWBBsifb9FiF6bwItb2G4eV:gWGVSqaQIokz0lAkTWBBFfbPcHIFFV
Score
3/10
Malware Config
Signatures
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
Processes
-
C:\Users\Admin\AppData\Local\Temp\f5059c805d743e4f817a04426dc808721c81663acb23e956a996f988c14fd1c9.exe"C:\Users\Admin\AppData\Local\Temp\f5059c805d743e4f817a04426dc808721c81663acb23e956a996f988c14fd1c9.exe"1⤵