0ac03602341f8ff2d62978ee40c0c1e4ab86ff695fc4b27c9a34f536c9d6017a | Triage

Analysis

max time kernel
60s
max time network
123s
platform
windows10-2004_x64
resource
win10v2004-20220901-en
resource tags

arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
submitted
25-01-2023 11:50

Sharing

Report Analysis Logs

General

Target

image005.png
Size

16KB
MD5

e2ba0ff53b131a4021305fe1fb180b64
SHA1

e1bc83057d3cd25ae7fbf8f04c02c266cbb134eb
SHA256

e77b875878cb422861e96c86ae5ad5737824a5cb626500467f33f2e02e662154
SHA512

288d6ce179a465981d9f286b3ab0348e97aa99b17e2032105aae04e0878f311400006b13a077d4e9f78bd51aa4fc99794ba9ff9bdb1868a72565a9829c3b7ee6
SSDEEP

384:OWgPDpOMBOQLLUWgJ4vq45/gojGe1SaBzDgo6lXaIEQ:OWgtvAXPyS4tgojb1Sahgouay

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\image005.png
1⤵
PID:1728

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...