af0ead17cf3cac936488aa0eec6179157ced7811acdacacdabc7e60c7baff780 | Triage

Analysis

max time kernel
61s
max time network
76s
platform
windows7_x64
resource
win7-20221111-en
resource tags

arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
submitted
04-12-2022 13:53

Sharing

Report Analysis Logs

General

Target

af0ead17cf3cac936488aa0eec6179157ced7811acdacacdabc7e60c7baff780.exe
Size

159KB
MD5

390ec7d842a394518e6dc1170828a255
SHA1

fa936151c7bc7b078d29849e775ebc31d96ce6f5
SHA256

af0ead17cf3cac936488aa0eec6179157ced7811acdacacdabc7e60c7baff780
SHA512

8342e16ca4d08b5740d9ba866cf0aa0f9120a2c5c1e58db0033a6ad3a16919395c8a122212026b0aed37674035c11175a068499727646db5a347a0e358c14c97
SSDEEP

3072:eRbmfPyLePnYXOPHoDMd82HkqyHLRnFR+X/ly:eRbmo+voOByHlFR+Ply

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\af0ead17cf3cac936488aa0eec6179157ced7811acdacacdabc7e60c7baff780.exe
"C:\Users\Admin\AppData\Local\Temp\af0ead17cf3cac936488aa0eec6179157ced7811acdacacdabc7e60c7baff780.exe"
1⤵
PID:1456

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1456-54-0x00000000766F1000-0x00000000766F3000-memory.dmp

Filesize
8KB

Download