44588db2b4c0d8780102c85d50527973b9ecdc7aaf1274b934ada939bfb7daa1 | Triage

Analysis

max time kernel
31s
max time network
33s
platform
windows7_x64
resource
win7-20230220-en
resource tags

arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
submitted
11/04/2023, 10:13

Sharing

Report Analysis Logs

General

Target

44588db2b4c0d8780102c85d50527973b9ecdc7aaf1274b934ada939bfb7daa1.exe
Size

512KB
MD5

0c0b1593fd78610fef82991f09555039
SHA1

33317fb5d35e35027449302a3e76cd3fbfa84fb9
SHA256

44588db2b4c0d8780102c85d50527973b9ecdc7aaf1274b934ada939bfb7daa1
SHA512

1ba70c8941e7b2f1807f6e67a43cec2941b20af303a259e14adf8e3907edd0a977e63f25fb8456168995dcd9f5de7717bbd4eeb804cf011a5896e148553aa4cf
SSDEEP

12288:TEOluhcvsLkulLYUUDGYkDCxmUSyyNbNOP:T0hcvs4ufDD/yyNROP

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\44588db2b4c0d8780102c85d50527973b9ecdc7aaf1274b934ada939bfb7daa1.exe
"C:\Users\Admin\AppData\Local\Temp\44588db2b4c0d8780102c85d50527973b9ecdc7aaf1274b934ada939bfb7daa1.exe"
1⤵
PID:2040

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads