566313ac5d8d18ae65e9f659ab53b7bd2673d3e863970101c270f5ddce1333ef | Triage

Analysis

max time kernel
1s
max time network
33s
platform
windows7_x64
resource
win7-20221111-en
resource tags

arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
submitted
07-12-2022 00:19

Sharing

Report Analysis Logs

General

Target

566313ac5d8d18ae65e9f659ab53b7bd2673d3e863970101c270f5ddce1333ef.lnk
Size

535B
MD5

ec3047d57f91f4ec2447b87a6f232804
SHA1

09122027c204edfc74a3be406fff00963d2a9d26
SHA256

566313ac5d8d18ae65e9f659ab53b7bd2673d3e863970101c270f5ddce1333ef
SHA512

4e6ac89c6ada5c3dac6c77198a74a70bd2d15a57a0dbd13bbf966de2b1c05eb7c1b04830748723b0befee873aab81d2345548a89fc88d5c583a4e8a6b868757c

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\566313ac5d8d18ae65e9f659ab53b7bd2673d3e863970101c270f5ddce1333ef.lnk
1⤵
PID:1116

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1116-54-0x000007FEFBCA1000-0x000007FEFBCA3000-memory.dmp

Filesize
8KB

Download