831e6c4d7466884a0dd9000da17b1a954eb42d44efb7aff45a33d29b4c044f45 | Triage

Analysis

max time kernel
142s
max time network
145s
platform
windows10-1703_x64
resource
win10-20220812-en
resource tags

arch:x64arch:x86image:win10-20220812-enlocale:en-usos:windows10-1703-x64system
submitted
10-12-2022 14:30

Sharing

Report Analysis Logs

General

Target

perfectly_safe.jpg
Size

299KB
MD5

f02f08dd3190eb4caf8b7bf8066c329f
SHA1

9b315f2d222c83dc7aec7d4715a5d65a2e27fe0b
SHA256

831e6c4d7466884a0dd9000da17b1a954eb42d44efb7aff45a33d29b4c044f45
SHA512

1300266f99c4112484dd11f289583ad9f45bd6a9dc3e506500060123435d4ed552ace6deb46aeb79696e71c527f3abeb4179bbcac9b5923d9da73df4442e8c37
SSDEEP

6144:AF8t1IoeNouHJQbRlQInIZiFSTZKraMzNkzuPMDckqfDXzlcWz0Rk:A/okGb6ZikdKrtNxEgBfDZnz0m

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\perfectly_safe.jpg
1⤵
PID:2668

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads