Analysis
-
max time kernel
86s -
max time network
149s -
platform
windows10-2004_x64 -
resource
win10v2004-20220812-en -
resource tags
-
submitted
20/12/2022, 20:56
General
-
Target
SERVICE RENEWAL #8758-027986.jpg
-
Size
1.5MB
-
MD5
8ed081a4c04f5a5e2bc40977052f3103
-
SHA1
111958b1de501f48466ea34306f5fb23fb743dbb
-
SHA256
190fba5b57ef86eb50bd94aac33531fb743856545f7d5df477a58635758fd6c5
-
SHA512
5f38d7411c5206b8612bfc69a65422d4e93e8ea9d9204970e40c1b4fe130f0ad97d6916eb86680fc1f8031625a9bd49650579241d269a2ab090d094cac656c2c
-
SSDEEP
24576:W/yEl7qrraXbJUucmp9T1d2Yt/SlGovVxz9o:W/FluraLJUBuJd2YQGotxze
Score
3/10
Malware Config
Signatures
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
Processes
-
C:\Windows\system32\cmd.execmd /c "C:\Users\Admin\AppData\Local\Temp\SERVICE RENEWAL #8758-027986.jpg"1⤵