fa344ec4442baad396b741d6275906379b973b3140d84d93a8f42d6e14a99c7d | Triage

Submit
Reports

Overview

overview

3

Static

static

1

Untitled (1).png

windows7-x64

1

Untitled (1).png

windows10-2004-x64

3

Analysis

max time kernel
100s
max time network
142s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
22/03/2023, 13:20

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

Untitled (1).png

Resource

win7-20230220-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

Untitled (1).png

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

150 seconds

Report Analysis Logs

General

Target

Untitled (1).png
Size

15KB
MD5

232a7cb4f4c4b0a13aea36fdba66f786
SHA1

d76616f1147d46c688d6a4d5f581695fc33511f3
SHA256

fa344ec4442baad396b741d6275906379b973b3140d84d93a8f42d6e14a99c7d
SHA512

c1ee60ea44400184d029381cf3f707628451b0e23308a7bc3d8c6f6d2362882fc0ebeadc1a88bb67d4a43b5ee3d24186b32b9e9c32cb00a178dc646ac740fb7e
SSDEEP

192:tXqGblyyxa3VpJ/yQWWV4YYyi151lfo33Lj7odiSxaeAy3i32Q:hlxP03DYQB4YYyAArvQxn4f

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

Processes

C:\Windows\system32\cmd.exe
cmd /c "C:\Users\Admin\AppData\Local\Temp\Untitled (1).png"
1⤵
PID:2036

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2025

Terms | Privacy