e9c4e6447c14bcbe74ee6a872ce7af909392412e1c8d2226cf493cac2ced2cc0 | Triage

Analysis

max time kernel
47s
max time network
67s
platform
windows10-2004_x64
resource
win10v2004-20221111-en
resource tags

arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
submitted
03-01-2023 15:54

Sharing

Report Analysis Logs

General

Target

flstudio_win_20.7.2.1863.exe
Size

921.9MB
MD5

1a23f4c602a6ca56bf45dce932614f50
SHA1

c0888c0f0149d71f2bb08e5b056a93fe8e413c04
SHA256

e9c4e6447c14bcbe74ee6a872ce7af909392412e1c8d2226cf493cac2ced2cc0
SHA512

61bbd9feabbc5b078c4a2848d13c232ae28621d6e9a3b6ef0b50d3143886ad98d23b994cf6922e99103366ced63435fe54a763585d8f894adfe238a89b8bf505
SSDEEP

3145728:yo7U4xq6G01lhZV2KCN/k8TOYkDtr72v4kgImAfA:y+86G0lK/kceD0vmAI

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\flstudio_win_20.7.2.1863.exe
"C:\Users\Admin\AppData\Local\Temp\flstudio_win_20.7.2.1863.exe"
1⤵
PID:1332

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads