661e86749236c9785782e1ac2160d10051b0794474c398457cb2bca26daf42a7 | Triage

Analysis

max time kernel
90s
max time network
156s
platform
windows10-2004_x64
resource
win10v2004-20220901-en
resource tags

arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
submitted
12/02/2023, 18:27

Sharing

Report Analysis Logs

General

Target

661e86749236c9785782e1ac2160d10051b0794474c398457cb2bca26daf42a7.exe
Size

230KB
MD5

cf9d021b2eaf49a8d2367837118574fc
SHA1

4f97cb3685a55f33fa44cecdce91e004b0abc54d
SHA256

661e86749236c9785782e1ac2160d10051b0794474c398457cb2bca26daf42a7
SHA512

a0818c3a52e3f75144809be232d8ca9a983b29de4e472f19d6e948c8bdfeeb37de4f1cd1120dc30be3f5df47ddeceff3394dde8418958d8769c48183dcf744b8
SSDEEP

6144:z3ZlgsdQlC2XvmfwctYPA7e7nTMzAEq9mpXAvRyB07nQ:zJddQlTXy43wqwpXorU

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\661e86749236c9785782e1ac2160d10051b0794474c398457cb2bca26daf42a7.exe
"C:\Users\Admin\AppData\Local\Temp\661e86749236c9785782e1ac2160d10051b0794474c398457cb2bca26daf42a7.exe"
1⤵
PID:3728

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads