609602b5495f1949661faed8ec3d368f891b60bf1a9b521a28e5f164fd3d4a5c | Triage

Submit
Reports

Overview

overview

Static

static

1536-68-0x...ry.lnk

windows7-x64

3

1536-68-0x...ry.lnk

windows10-2004-x64

3

Analysis

max time kernel
59s
max time network
127s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
26/03/2023, 14:01

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

1536-68-0x0000000000520000-0x0000000000560000-memory.lnk

Resource

win7-20230220-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

1536-68-0x0000000000520000-0x0000000000560000-memory.lnk

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

150 seconds

Report Analysis Logs

General

Target

1536-68-0x0000000000520000-0x0000000000560000-memory.lnk
Size

256KB
MD5

22852179bba3a97f519868ac1a8d0857
SHA1

8c798cbbb9cc613ce08c0b599bbb8a48ef90b23d
SHA256

609602b5495f1949661faed8ec3d368f891b60bf1a9b521a28e5f164fd3d4a5c
SHA512

0a2ba5b5bb206c498f457128bace2cb1e8a93fc0d7a6ed3c77aff96498d67c94676d3257165f0a73052177ad6c024e023e34b6d227a92ab56f12cbd94700a8e7
SSDEEP

768:oZxJm8VA/vMHTi9bD92ZxJm8VA/vMHTi9bD:oZxJKnYi9b0ZxJKnYi9b

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

Processes

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\1536-68-0x0000000000520000-0x0000000000560000-memory.lnk
1⤵
PID:744

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2025

Terms | Privacy