579bf873590af56142934f258cf8b67e978c5ab88c3587728bcbe5d1eb01b27f | Triage

Analysis

max time kernel
65s
max time network
144s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
08/02/2023, 03:41

Sharing

Report Analysis Logs

General

Target

WES.png
Size

610KB
MD5

10b6555ed6ddf419aba45135cf161531
SHA1

ee8285354275ba53404f5fe6c3de09208474874f
SHA256

579bf873590af56142934f258cf8b67e978c5ab88c3587728bcbe5d1eb01b27f
SHA512

35677447af0f3709389ca05fbf1de84230be337e64b7b0e30e588dc1ae7ecb1272c6c8b870ce1f6edbbd766f67d6b3a13a8baca04d9e3f39519dbba6397b2cbe
SSDEEP

12288:ufy+e+rcJ+0pOJLBXDi86XcQHpXgRq3pukYDbdNhbiNSF0z/n:uf6+0pOJLBl6XcQJL+dLJ2zn

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\WES.png
1⤵
PID:1268

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads