Analysis
-
max time kernel
70s -
max time network
134s -
platform
windows10-2004_x64 -
resource
win10v2004-20220812-en -
resource tags
-
submitted
05/12/2022, 08:28
General
-
Target
dadc8082d8d10aa5f8e725b47efac103b538c3be17d61cebcad781f0a8f93599.exe
-
Size
1.2MB
-
MD5
47954147e5eecdb1b5cc173e173917c2
-
SHA1
d723b496a09dee3aab49f67a5c9f733c1d6f3013
-
SHA256
dadc8082d8d10aa5f8e725b47efac103b538c3be17d61cebcad781f0a8f93599
-
SHA512
34ef1affe16e88cb796e06ec08ad2aac15ac2197f998a85dadda7bd49d639cd640d6b2310e7fca8aaa6fb4573d61f325333177543702a3c1a16b95731628b031
-
SSDEEP
24576:Yce9WvtQxcHUY93lRvZ41vf0WmAe8CcvTYoabtUw2CogkbmbtQ1zaSfGRZ:Ycy52F1BKTatUdpbCtQ1O4Gf
Score
3/10
Malware Config
Signatures
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
Processes
-
C:\Users\Admin\AppData\Local\Temp\dadc8082d8d10aa5f8e725b47efac103b538c3be17d61cebcad781f0a8f93599.exe"C:\Users\Admin\AppData\Local\Temp\dadc8082d8d10aa5f8e725b47efac103b538c3be17d61cebcad781f0a8f93599.exe"1⤵