65aa7c12846f8d55ea4d2e77fd0f1ae1eb866b25127c8ef5a235543563c22211 | Triage

Analysis

max time kernel
31s
max time network
33s
platform
windows7_x64
resource
win7-20221111-en
resource tags

arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
submitted
20/12/2022, 20:27

Sharing

Report Analysis Logs

General

Target

65aa7c12846f8d55ea4d2e77fd0f1ae1eb866b25127c8ef5a235543563c22211.exe
Size

11.4MB
MD5

92fb873d9dcb976d38aefcad974670da
SHA1

d0fa3eb8ff84211d7149126a5f90a0f1695876ba
SHA256

65aa7c12846f8d55ea4d2e77fd0f1ae1eb866b25127c8ef5a235543563c22211
SHA512

ee095dc261244b5fbd4fcd3bfee2539f84fb19899606cfe445a41445e5735e27e41f0f8acc330321fc889d493bfdc7f79c8c8770ce6a45633103603d4791888c
SSDEEP

196608:pmZ7J1iOpD+ru7xbSrjqPfe5x7MVkXuAl0lW83fO1Yk/NIG1fgLJLNsxmWRMMaHz:pmZ7y4Dqoaqn07MVk8lV21PlI+fgL2Bs

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\65aa7c12846f8d55ea4d2e77fd0f1ae1eb866b25127c8ef5a235543563c22211.exe
"C:\Users\Admin\AppData\Local\Temp\65aa7c12846f8d55ea4d2e77fd0f1ae1eb866b25127c8ef5a235543563c22211.exe"
1⤵
PID:1700

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1700-54-0x0000000075671000-0x0000000075673000-memory.dmp

Filesize
8KB

Download