900eb66e8eee2a83352eaf2c742012a23a31f7a6a5dae1782e1040f3ebdb3c60 | Triage

Analysis

max time kernel
40s
max time network
44s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
12/01/2023, 19:46

Sharing

Report Analysis Logs

General

Target

900eb66e8eee2a83352eaf2c742012a23a31f7a6a5dae1782e1040f3ebdb3c60.exe
Size

6.5MB
MD5

50e25301957ca390e5e79790db08dc75
SHA1

e095ac7edb024de18c18ae9877eb0578e7bc0d50
SHA256

900eb66e8eee2a83352eaf2c742012a23a31f7a6a5dae1782e1040f3ebdb3c60
SHA512

ea8abd90b77f4f35e800d328560c60ffd3114a20bb95638b01fff5448a5264c1a6b8fdbe2f8c3f82a1797dd62e40aef34c3a08ef2f3388abacd6fa3a807850d6
SSDEEP

98304:qCJ6VFp1K85G5nCbU0SG41mKmLTnRtHPs8VdqWphb4CKJuxXJdo4CJblBOnV2Ewm:qIKts5nCALI3RtHPDg064kBK2R1a

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\900eb66e8eee2a83352eaf2c742012a23a31f7a6a5dae1782e1040f3ebdb3c60.exe
"C:\Users\Admin\AppData\Local\Temp\900eb66e8eee2a83352eaf2c742012a23a31f7a6a5dae1782e1040f3ebdb3c60.exe"
1⤵
PID:1404

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1404-54-0x0000000075451000-0x0000000075453000-memory.dmp

Filesize
8KB

Download