c3d97019b34dd8b2a094f0f563de679ee72e56d2ab4b692c521b4bf1fca76b05 | Triage

Submit
Reports

Overview

overview

3

Static

static

1

16790137340850.png

windows7-x64

3

16790137340850.png

windows10-2004-x64

3

Analysis

max time kernel
77s
max time network
127s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
17-03-2023 00:45

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

16790137340850.png

Resource

win7-20230220-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

16790137340850.png

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

150 seconds

Report Analysis Logs

General

Target

16790137340850.png
Size

32KB
MD5

ee1c269626d76f7afbf3fc5950bd6088
SHA1

96ff8ea3a152708ee15365de333a521395773593
SHA256

c3d97019b34dd8b2a094f0f563de679ee72e56d2ab4b692c521b4bf1fca76b05
SHA512

b5a4940e4c1f034dddcb76da29976ee859e54d1c269b925fd6790760b62b691e52d9c4224acf0641765fc574262b4a44065ae654973e87218c419c2b1ca1668b
SSDEEP

768:rTyXbcUCTy4hz3NaknZXevxOhhE2MMuPEph3rs1Er3C:/+b6TlVd/nRevx2222EuEjC

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

Processes

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\16790137340850.png
1⤵
PID:1452

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2024

Terms | Privacy