44e77a74d44a2c955d4fc449ea1282754bb82c925cb44ac06b67ba276fa32225 | Triage

Analysis

max time kernel
91s
max time network
123s
platform
windows10-2004_x64
resource
win10v2004-20220901-en
resource tags

arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
submitted
10/01/2023, 19:15

Sharing

Report Analysis Logs

General

Target

44e77a74d44a2c955d4fc449ea1282754bb82c925cb44ac06b67ba276fa32225.exe
Size

604KB
MD5

d189f599ac1b97339515e62abae015cd
SHA1

66047f6d1b4b61bc455390c6ff5f788a34554ecd
SHA256

44e77a74d44a2c955d4fc449ea1282754bb82c925cb44ac06b67ba276fa32225
SHA512

711fa97a619af3edf9002902c08db0e3c5c4e393299d476a0d1563313019c62904b62104f634bcb0fe4a97f5c47e8c332f8604372579d3499e584570a56fb449
SSDEEP

6144:8YaTWmGLq963ixIx8YTnCRhwOMPBt/0Z5f5NqCRDIp3IQN8L:8YI9WiY9TnCoOMPBta5f50CREpjs

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\44e77a74d44a2c955d4fc449ea1282754bb82c925cb44ac06b67ba276fa32225.exe
"C:\Users\Admin\AppData\Local\Temp\44e77a74d44a2c955d4fc449ea1282754bb82c925cb44ac06b67ba276fa32225.exe"
1⤵
PID:4572

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads