Analysis
max time kernel
207s
max time network
204s
platform
windows10-2004_x64
resource
win10v2004-20221111-en
resource tags
arch:x64, arch:x86, image:win10v2004-20221111-en, locale:en-us, os:windows10-2004-x64, system
submitted
06/12/2022, 12:05
Static task
static1
Behavioral task
behavioral1
Sample
f16da02defd38baeb0fd7df5839a94ce0f0a144bffd7d9f0e119ec1b5529c78b.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
f16da02defd38baeb0fd7df5839a94ce0f0a144bffd7d9f0e119ec1b5529c78b.exe
Resource
win10v2004-20221111-en
General
Target
f16da02defd38baeb0fd7df5839a94ce0f0a144bffd7d9f0e119ec1b5529c78b.exe
Size
1.7MB
MD5
f617519b44640d06e8d345e064cb5a30
SHA1
841b701560feaf24d19f5159a1ac4b07ca4145b5
SHA256
f16da02defd38baeb0fd7df5839a94ce0f0a144bffd7d9f0e119ec1b5529c78b
SHA512
3762a7488da97aa9f294b39d1fb43adcb9815bcb78349b2b7bfd03383136ecf9628d4117ceb756b36b17cb9260f97d09311f196e090a5b3cb2595b78c85f3d82
SSDEEP
49152:7x0BPIfTrDoCQqOE/dtEDa5g1lY/wE9r8eB:7xAgfTvoCHOGPER1y/zxDB
Malware Config
Signatures
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.