4a7affd980470357a74bae1687727d291eaa6abc89cacf9d86e8d7152654d0b5 | Triage

Submit
Reports

Overview

overview

3

Static

static

4a7affd980...b5.asp

windows7-x64

3

4a7affd980...b5.asp

windows10-2004-x64

3

Analysis

max time kernel
165s
max time network
212s
platform
windows10-2004_x64
resource
win10v2004-20221111-en
resource tags

arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
submitted
06-12-2022 22:25

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

4a7affd980470357a74bae1687727d291eaa6abc89cacf9d86e8d7152654d0b5.asp

Resource

win7-20221111-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

4a7affd980470357a74bae1687727d291eaa6abc89cacf9d86e8d7152654d0b5.asp

Resource

win10v2004-20221111-en

windows10-2004-x64

1 signatures

150 seconds

Report Analysis Logs

General

Target

4a7affd980470357a74bae1687727d291eaa6abc89cacf9d86e8d7152654d0b5.asp
Size

6KB
MD5

da7397f0910f5327b485f0225bc07013
SHA1

ea7b1592754aa729140551fbe5cc9c32681b9090
SHA256

4a7affd980470357a74bae1687727d291eaa6abc89cacf9d86e8d7152654d0b5
SHA512

04c5d783987c385f492baff6db4718830edc675ef4fa8ad1fd0d974b71b621b62138fb2fd1d1fd192f400bb97c4e79bd5c872d526591a7f0ae4c55f710a4ab42
SSDEEP

192:nqi3dJbeaENI+FOCSqEFi6hDPzYTCFhpP:nqKSE2EzYTiP

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

Processes

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\4a7affd980470357a74bae1687727d291eaa6abc89cacf9d86e8d7152654d0b5.asp
1⤵
PID:1128

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2024

Terms | Privacy