896a67c03d13b549e0ddde7ca92a3566be43a45acce9987cc480456bc5d7ae5f | Triage

Submit
Reports

Overview

overview

3

Static

static

1

perfil.jpg

windows7-x64

3

perfil.jpg

windows10-2004-x64

3

Resubmissions

31-03-2023 19:50

230331-ykhamsec6w 3

31-03-2023 19:48

230331-yjbrgaec51 3

Analysis

max time kernel
66s
max time network
91s
platform
windows10-2004_x64
resource
win10v2004-20230220-es
resource tags

arch:x64arch:x86image:win10v2004-20230220-eslocale:es-esos:windows10-2004-x64systemwindows
submitted
31-03-2023 19:48

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

perfil.jpg

Resource

win7-20230220-es

windows7-x64

2 signatures

1800 seconds

Behavioral task

behavioral2

Sample

perfil.jpg

Resource

win10v2004-20230220-es

windows10-2004-x64

1 signatures

1800 seconds

Report Analysis Logs

General

Target

perfil.jpg
Size

33KB
MD5

37f496943c721d449b6423d89a63c52e
SHA1

c0f30c3a01f36d4b25377090e01d9cf877ae1c4e
SHA256

896a67c03d13b549e0ddde7ca92a3566be43a45acce9987cc480456bc5d7ae5f
SHA512

352774d8f88eecd91972b0db6519652f1e24c40d58123b92d248443dfc8aafe33b0b5f27de4d39d0fb15f92b747a67a9ea96c71a29e432df7f3a9bf3a1735596
SSDEEP

768:etOklx+02kfkmi1cidMFazP2+fUSQiSuWqiYOm:PkH+02Kkmci+1BSbqiZm

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

Processes

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\perfil.jpg
1⤵
PID:424

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2024

Terms | Privacy