a4c41714decda4818c827851e1c5123e7b1e3d1e4d1560bfd882bfaa8e17228f | Triage

Analysis

max time kernel
45s
max time network
48s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
09-01-2023 18:23

Sharing

Report Analysis Logs

General

Target

a4c41714decda4818c827851e1c5123e7b1e3d1e4d1560bfd882bfaa8e17228f.exe
Size

11.9MB
MD5

6fb972325c246d9a054d5c1f58b79f77
SHA1

6ee17a1532fb4868a55f7378a15effcaca45ac5a
SHA256

a4c41714decda4818c827851e1c5123e7b1e3d1e4d1560bfd882bfaa8e17228f
SHA512

052f2806731246d41d82d6fe6704c6989e564c815d7bd9439b1f59d77e29c057caafd4fd1b7713d652b929426d57c1bea0cce100d7724a6d03963e5f15c20423
SSDEEP

196608:fHTKI54+HWcbanBhJI5+ESj4uvGWkwLDZgIXv08+Zx5jLevE8AvtJ9+ahaH+axQ:PT/dafJC+T8BUDZHXs86KFA1T9has

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\a4c41714decda4818c827851e1c5123e7b1e3d1e4d1560bfd882bfaa8e17228f.exe
"C:\Users\Admin\AppData\Local\Temp\a4c41714decda4818c827851e1c5123e7b1e3d1e4d1560bfd882bfaa8e17228f.exe"
1⤵
PID:1960

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1960-54-0x0000000076181000-0x0000000076183000-memory.dmp

Filesize
8KB

Download