afc3e86c4a8e78301fa2e48dea4af2d9c518c962e9d034d799314f3d385c2db2 | Triage

Analysis

max time kernel
74s
max time network
81s
platform
windows7_x64
resource
win7-20221111-en
resource tags

arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
submitted
04/12/2022, 07:44

Sharing

Report Analysis Logs

General

Target

afc3e86c4a8e78301fa2e48dea4af2d9c518c962e9d034d799314f3d385c2db2.exe
Size

191KB
MD5

84036c628ca3a7b6535eb8db18946345
SHA1

792ba8f6ff28ecb311560d91f9575f11a68a0567
SHA256

afc3e86c4a8e78301fa2e48dea4af2d9c518c962e9d034d799314f3d385c2db2
SHA512

2a150c2c09a37761ed6d529b297b07baced4b227a6601cb7752640461df1bb7aaf18a89272719a209fb91a2e6f79c3d7183aeffda0910598631249529aa3c901
SSDEEP

3072:HADWbKzKbQmSVdSme+xmJyD4BliqzsmmEpEmboQd+ccewkyeZyYPuvGCJ30EZ0dy:HAVySV1eY4k437d+4wkTHdS2K

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\afc3e86c4a8e78301fa2e48dea4af2d9c518c962e9d034d799314f3d385c2db2.exe
"C:\Users\Admin\AppData\Local\Temp\afc3e86c4a8e78301fa2e48dea4af2d9c518c962e9d034d799314f3d385c2db2.exe"
1⤵
PID:2008

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2008-54-0x0000000075D61000-0x0000000075D63000-memory.dmp

Filesize
8KB

Download