1420a34ea7748f86cba767d5355ec2269bcc9c97ada1ce44622318b13556407b | Triage

Analysis

max time kernel
42s
max time network
47s
platform
windows10-1703_x64
resource
win10-20220812-en
resource tags

arch:x64arch:x86image:win10-20220812-enlocale:en-usos:windows10-1703-x64system
submitted
13-01-2023 14:43

Sharing

Report Analysis Logs

General

Target

1004 Silmeeee.lnk
Size

24KB
MD5

0615bdc38e6b51a70af80fa4a7921fb4
SHA1

3ef8ddad97ceab5842f4fe668582a39e395cc896
SHA256

1420a34ea7748f86cba767d5355ec2269bcc9c97ada1ce44622318b13556407b
SHA512

9e718e9b0d0a9567554c147b76a826cfa4996a6ffdb9d35842da96a4498ba6471ad9d48026a996cfaf0cb2d609ba2aa9ea2af2d0590309f2314752a35cae9269
SSDEEP

192:8GvA1XZ4VipNY0D+PeXwV+/+v+n+Ywbey1e8Fen9Z4VipNdeAbDO0ssYeJ:9vA1XZ4Vr0DJgZbfBo9Z4V3AbDO0ss9J

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

C:\Windows\system32\cmd.exe
cmd /c "C:\Users\Admin\AppData\Local\Temp\1004 Silmeeee.lnk"
1⤵
PID:1524

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads