Analysis
-
max time kernel
137s -
max time network
156s -
platform
windows10-2004_x64 -
resource
win10v2004-20220812-en -
resource tags
-
submitted
04-12-2022 09:28
General
-
Target
8ecf1f12fd97596e72cc753a7ecffcc16b191d2e300a91278487e4b8ad919c49.exe
-
Size
4.0MB
-
MD5
7bb60da0f19d6e28df2fd70934cd18a7
-
SHA1
f8b2af510282642eed9402c7e7274821d3a68448
-
SHA256
8ecf1f12fd97596e72cc753a7ecffcc16b191d2e300a91278487e4b8ad919c49
-
SHA512
9332af75c25c7a55136faa46a6430b7fa73c03ac3ae7f7715ed8289a1ed6d91c5b755c82b6ed33a04cb4d691754c9a5f63d4a0d7e031c5d1e998a5ff016bf902
-
SSDEEP
98304:ROIpV4b/HWxWGpCkef2TN/Bb8ymkFRnh3Pt5kS1XNnqObdz5Hh:RHNxf/efQ/B4y1d5kWXNnqOHh
Score
3/10
Malware Config
Signatures
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
Processes
-
C:\Users\Admin\AppData\Local\Temp\8ecf1f12fd97596e72cc753a7ecffcc16b191d2e300a91278487e4b8ad919c49.exe"C:\Users\Admin\AppData\Local\Temp\8ecf1f12fd97596e72cc753a7ecffcc16b191d2e300a91278487e4b8ad919c49.exe"1⤵