b921a1f373dbb22e77893b9704d948bcc9534c7a9c13bb26457b350438e531a4 | Triage

Analysis

max time kernel
48s
max time network
57s
platform
windows7_x64
resource
win7-20220901-en
resource tags

arch:x64arch:x86image:win7-20220901-enlocale:en-usos:windows7-x64system
submitted
15/02/2023, 03:27

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

b921a1f373dbb22e77893b9704d948bcc9534c7a9c13bb26457b350438e531a4.exe
Size

2.6MB
MD5

707a00acd581f6ca48362612711366a5
SHA1

7cba7faf3a11c8e978dfb695c685f3dc3227f5cf
SHA256

b921a1f373dbb22e77893b9704d948bcc9534c7a9c13bb26457b350438e531a4
SHA512

bc23d233c7b9f55b7c416c10e31e9a1e430fc1e3b9a7e82a824af59ea8c50fd69092750cfc25a56317e951fbcc7398c2802fb3d55305a8d408f0f7a0fbd772b0
SSDEEP

49152:NoJ41U590X3T+AQBVoN7oN8oT+ys5uRV069qLtN5cHf:Nq59u+CQlVRV0k

Score

6^/10

discovery

Malware Config

Signatures

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\b921a1f373dbb22e77893b9704d948bcc9534c7a9c13bb26457b350438e531a4.exe
"C:\Users\Admin\AppData\Local\Temp\b921a1f373dbb22e77893b9704d948bcc9534c7a9c13bb26457b350438e531a4.exe"
1⤵
PID:1460

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1460-54-0x0000000075FE1000-0x0000000075FE3000-memory.dmp

Filesize
8KB

Download