d2ea595ce5be10ad4ebe3e8775b8c890444103f80acdd977f6a67251a39445b6 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

d2ea595ce5...b6.lnk

windows7-x64

3

d2ea595ce5...b6.lnk

windows10-2004-x64

3

Analysis

max time kernel
133s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
07/12/2022, 00:20

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

d2ea595ce5be10ad4ebe3e8775b8c890444103f80acdd977f6a67251a39445b6.lnk

Resource

win7-20220812-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

d2ea595ce5be10ad4ebe3e8775b8c890444103f80acdd977f6a67251a39445b6.lnk

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

Report Analysis Logs

General

Target

d2ea595ce5be10ad4ebe3e8775b8c890444103f80acdd977f6a67251a39445b6.lnk
Size

537B
MD5

8c6b9db6d7c3212016a2b7ffb81523f4
SHA1

987ac1df301a78abac06956aa9d71ef9c5f728f3
SHA256

d2ea595ce5be10ad4ebe3e8775b8c890444103f80acdd977f6a67251a39445b6
SHA512

6d07daa6f3a95e1e8307c654162b3519864687cbc3caa61c519addd3d75f9be6cc5168a8c0d21b4e23794a6c52c5ca183eefeb2ca355d98daa9cbc6e350738ea

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

Processes

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\d2ea595ce5be10ad4ebe3e8775b8c890444103f80acdd977f6a67251a39445b6.lnk
1⤵
PID:3424

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2025

Terms | Privacy