3cf33ee85bc6dec403d4d369659c83758087f52a8c947a40e753b2bbeee23873 | Triage

Analysis

max time kernel
27s
max time network
65s
platform
windows7_x64
resource
win7-20221111-en
resource tags

arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
submitted
01/02/2023, 19:56

Sharing

Report Analysis Logs

General

Target

Jamongas.lnk
Size

1KB
MD5

6749e1f95d414a26c2d174de5fe69386
SHA1

de65045964690127854499ef6cbefcfb7b350db6
SHA256

3cf33ee85bc6dec403d4d369659c83758087f52a8c947a40e753b2bbeee23873
SHA512

f128247c24f04f766f5ef895acdafe0a2db61cb0f9062076ab048851d97a47e07f47eb6301d5679211228c1e244e7d26c8f0727ac748945f29643cad0530c1bc

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\Jamongas.lnk
1⤵
PID:2016

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2016-54-0x000007FEFB5F1000-0x000007FEFB5F3000-memory.dmp

Filesize
8KB

Download