b9b3b82a564e871c787e5624816ea741911f8fa775b96a76245d1a14ceb93303 | Triage

Submit
Reports

Overview

overview

3

Static

static

1

skull_PNG68.ico

windows7-x64

3

skull_PNG68.ico

windows10-2004-x64

3

Analysis

max time kernel
501s
max time network
505s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
13/04/2023, 09:37

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

skull_PNG68.ico

Resource

win7-20230220-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

skull_PNG68.ico

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

150 seconds

Report Analysis Logs

General

Target

skull_PNG68.ico
Size

3KB
MD5

19a8e722aa357ce9f11a157620da3f1b
SHA1

fc9d1c933e6e2553c4194102eeb01e109dc4d628
SHA256

b9b3b82a564e871c787e5624816ea741911f8fa775b96a76245d1a14ceb93303
SHA512

d3287035077c00b98b62e49f52f8e2c3dedc9f4648fa5f12cac109af66115ba4ed597f98876e4c20a3333f6aedd250fa68898a0fe44d2d56f8834fb7e4117efc

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

Processes

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\skull_PNG68.ico
1⤵
PID:1196

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:4852

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2025

Terms | Privacy