a0c8604c81dcd4539f01c671f341d7c8590c4ddd8b948106b026a4fcbf7baad8 | Triage

Analysis

max time kernel
192s
max time network
209s
platform
windows10-2004_x64
resource
win10v2004-20221111-en
resource tags

arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
submitted
06/12/2022, 08:46

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

a0c8604c81dcd4539f01c671f341d7c8590c4ddd8b948106b026a4fcbf7baad8.exe
Size

1.4MB
MD5

99cbccac3af29dbb5e32bedc891baf9f
SHA1

cb86566e32b8c95ca433dd226e905878a0236f4d
SHA256

a0c8604c81dcd4539f01c671f341d7c8590c4ddd8b948106b026a4fcbf7baad8
SHA512

b76eaf7f1c95b2a12b1c3fac4da1823a2f5683a0d2c18f508e27178e0b3cee07efcd81d506bcbea5e4f1e5bd55073b5d1877d70a266d4845159a6ccb6055219e
SSDEEP

24576:sadgqsmZWHw11P5IV/tzAG6IU3Xd9FiRrzdxHv1WrKZlV90YPvoQ2q1PuLUcFeIe:/jKw1YV/9ASUrFW3XP6aV9rdZGolIKn

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\a0c8604c81dcd4539f01c671f341d7c8590c4ddd8b948106b026a4fcbf7baad8.exe
"C:\Users\Admin\AppData\Local\Temp\a0c8604c81dcd4539f01c671f341d7c8590c4ddd8b948106b026a4fcbf7baad8.exe"
1⤵
PID:4568

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads