Analysis
max time kernel: 143s
max time network: 151s
platform: windows10-2004_x64
resource: win10v2004-20221111-en
resource tags: arch:x64, arch:x86, image:win10v2004-20221111-en, locale:en-us, os:windows10-2004-x64, system
submitted: 02/02/2023, 11:38
Static task: static1
Behavioral task: behavioral1
Sample: 2cba962a0d08e052e50afac93317c726605a40d593750f2c44d819e4b89760a2.exe
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: 2cba962a0d08e052e50afac93317c726605a40d593750f2c44d819e4b89760a2.exe
Resource: win10v2004-20221111-en
General
Target: 2cba962a0d08e052e50afac93317c726605a40d593750f2c44d819e4b89760a2.exe
Size: 10.5MB
MD5: b7868b90becf891b7bd7e1065b0bcb92
SHA1: e9f89de5c4677dc96d5d98ce786e67c03594705d
SHA256: 2cba962a0d08e052e50afac93317c726605a40d593750f2c44d819e4b89760a2
SHA512: b619a757e3964acc72fcb3571116263f228fa2ff4d7248f0f1e6313075db4d12a71fa1fe0acc0545eb21cdaa58a23f5985d8a169917b734ff1ab41def76420b2
SSDEEP: 196608:iRClh3f4lLqt/8poam6/JFIEUsCQOg0xv0yCm8gpZrs+/qaVM4yF9fci1x:D3P4pG8Sz6nIEURQyCm8g7YSqUM4yF9/
Malware Config
Signatures
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.