4c046487790cb9e46fcacf78c5b4f623130dd0e50317935e32c8a5563b4f9bcd | Triage

Analysis

max time kernel
91s
max time network
154s
platform
windows10-2004_x64
resource
win10v2004-20220901-en
resource tags

arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
submitted
05/01/2023, 18:55

Sharing

Report Analysis Logs

General

Target

E0107627C83153B004F10E7513573AC9.exe
Size

23.1MB
MD5

e0107627c83153b004f10e7513573ac9
SHA1

e6f5fb44c21e4f55bcecf9ddea634dd4690160b8
SHA256

4c046487790cb9e46fcacf78c5b4f623130dd0e50317935e32c8a5563b4f9bcd
SHA512

999debd8bac25cacea0d0739c7722ea752fe6ca2faed92116497e41efb8fc2fd9645b415ffa29d88fc762c4e751ff71af8c9eef1119902b4f45e6c9c0003b249
SSDEEP

393216:Khx9/7vBGgPtdfEwUjyVsh4slS1W3qjoAWHATENkBBp0rWtcGrJtyT00YpYlYDYj:aLBGTwUSYX65IAIAp6W4zvY0vqk

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\E0107627C83153B004F10E7513573AC9.exe
"C:\Users\Admin\AppData\Local\Temp\E0107627C83153B004F10E7513573AC9.exe"
1⤵
PID:2604

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads