Analysis
-
max time kernel
500s -
max time network
502s -
platform
windows10-2004_x64 -
resource
win10v2004-20221111-en -
resource tags
-
submitted
21/12/2022, 23:52 UTC
General
-
Target
cdccb18c253e2a4a7a4fbe59d4d0ed43a26f1de5abf61f95aa3091f4d298a1fe.exe
-
Size
282KB
-
MD5
abae19910a144bbaa6da3f40ff3af52c
-
SHA1
b899b325e4c23d3d06dbbaae782dc68cfec5901e
-
SHA256
cdccb18c253e2a4a7a4fbe59d4d0ed43a26f1de5abf61f95aa3091f4d298a1fe
-
SHA512
96ab5a666b63fc7ad4a3b35301d1c42d2a34a084085aab360ad216f6db54b66207b1351f78036bae78188dfb2c6776101e91332402defae997a1e30aafc371c3
-
SSDEEP
6144:fTt0EBLlxZLDXVlgGDv8RnhKOLOlF/KlZE//n/W:JDRZLDrtjMnVOlF/QEH+
Score
3/10
Malware Config
Signatures
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
Processes
-
C:\Users\Admin\AppData\Local\Temp\cdccb18c253e2a4a7a4fbe59d4d0ed43a26f1de5abf61f95aa3091f4d298a1fe.exe"C:\Users\Admin\AppData\Local\Temp\cdccb18c253e2a4a7a4fbe59d4d0ed43a26f1de5abf61f95aa3091f4d298a1fe.exe"1⤵
Network
- No results found
-
204.79.197.200:443www.bing.comtls -
20.42.65.84:443
-
204.79.197.200:443
-
204.79.197.200:443www.bing.comtls, https
No results found