766044286d00b36afb454e85f529356a93cb9b6d389bbe255c10e1cd745886d4 | Triage

Analysis

max time kernel
41s
max time network
44s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
15-02-2023 11:00

Sharing

Report Analysis Logs

General

Target

S_K _Beaumont_TaxDocuments.pdf.lnk
Size

2KB
MD5

c92d58caccaa377d4fbec66e06d3433c
SHA1

42d7500783a111aa5150a9e0a6809eaace482cfc
SHA256

ab1eb7454d2cc5549c4c09422cdeb2fbf9254a977a42b03ca887a42d4e66f84e
SHA512

f71dc8dc6074ce92afa7a0b16f10fd0e7c827caf59977e0158e5e470f74a6e6e10ed2efe9f69a3b2678cd23f9726cf2ba496a0d1aac857a1cf1eb42404adbade

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

C:\Windows\system32\cmd.exe
cmd /c "C:\Users\Admin\AppData\Local\Temp\S_K _Beaumont_TaxDocuments.pdf.lnk"
1⤵
PID:1852

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1852-54-0x000007FEFBD11000-0x000007FEFBD13000-memory.dmp

Filesize
8KB

Download