Analysis
-
max time kernel
92s -
max time network
152s -
platform
windows10-2004_x64 -
resource
win10v2004-20220812-en -
resource tags
-
submitted
05/12/2022, 23:17
General
-
Target
0d13fec7616016df1589b98bf11d8c7b5e046a83962d59011d8bf317fd6e7b0b.exe
-
Size
118KB
-
MD5
ecf85b140adc805583c0d7db164248ff
-
SHA1
957dc126c8409413834e0abe18e419ea12788385
-
SHA256
0d13fec7616016df1589b98bf11d8c7b5e046a83962d59011d8bf317fd6e7b0b
-
SHA512
ef86275cbac9c753bd5e1f46716899fae3e8ce9bbdfe72c230483fc1a1dac4ce9acdec9054b437a89a7834256e84f0ae457b5d58461d970ed2c0e4c684e47acb
-
SSDEEP
3072:EmeDmBqskJgTM5ulMqhV7bDSrG68vQNtx0/13:E8/M5SPhtbDSa60QNv093
Score
3/10
Malware Config
Signatures
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
Processes
-
C:\Users\Admin\AppData\Local\Temp\0d13fec7616016df1589b98bf11d8c7b5e046a83962d59011d8bf317fd6e7b0b.exe"C:\Users\Admin\AppData\Local\Temp\0d13fec7616016df1589b98bf11d8c7b5e046a83962d59011d8bf317fd6e7b0b.exe"1⤵