44e77a74d44a2c955d4fc449ea1282754bb82c925cb44ac06b67ba276fa32225 | Triage

Analysis

max time kernel
45s
max time network
48s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
10-01-2023 19:15

Sharing

Report Analysis Logs

General

Target

44e77a74d44a2c955d4fc449ea1282754bb82c925cb44ac06b67ba276fa32225.exe
Size

604KB
MD5

d189f599ac1b97339515e62abae015cd
SHA1

66047f6d1b4b61bc455390c6ff5f788a34554ecd
SHA256

44e77a74d44a2c955d4fc449ea1282754bb82c925cb44ac06b67ba276fa32225
SHA512

711fa97a619af3edf9002902c08db0e3c5c4e393299d476a0d1563313019c62904b62104f634bcb0fe4a97f5c47e8c332f8604372579d3499e584570a56fb449
SSDEEP

6144:8YaTWmGLq963ixIx8YTnCRhwOMPBt/0Z5f5NqCRDIp3IQN8L:8YI9WiY9TnCoOMPBta5f50CREpjs

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\44e77a74d44a2c955d4fc449ea1282754bb82c925cb44ac06b67ba276fa32225.exe
"C:\Users\Admin\AppData\Local\Temp\44e77a74d44a2c955d4fc449ea1282754bb82c925cb44ac06b67ba276fa32225.exe"
1⤵
PID:988

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/988-54-0x0000000075021000-0x0000000075023000-memory.dmp

Filesize
8KB

Download