0e78160a0f128bdf85b2d24c1c2b5025b9832761be2c651e55bfd1301a526398 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

images.jpg

windows10-2004-x64

3

Resubmissions

13/04/2023, 17:49

230413-wehywadb43 3

13/04/2023, 17:47

230413-wcz5daed4x 3

13/04/2023, 16:35

230413-t3tn6sea21 8

Analysis

max time kernel
6s
max time network
8s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
13/04/2023, 17:47

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

images.jpg

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

150 seconds

Report Analysis Logs

General

Target

images.jpg
Size

5KB
MD5

66a3b72879baa39d00a1a837ef01ba88
SHA1

b8e9479468e2421d2110715adbc260d53a8e0b1f
SHA256

0e78160a0f128bdf85b2d24c1c2b5025b9832761be2c651e55bfd1301a526398
SHA512

5e271585c467fddce82181b62723c821e145d6af662d2f51f963bd1646801aeb0f80cbbe2fc6664aba9181ff7a86f5222406aa4b61bbb6c3c6acc22db3db3087
SSDEEP

96:vd/UsedgMupb+jadUOLnzUUlePBJ5bhQVZuxsLaXt1do7URgqB69Qv:hrdXdU8o/hMLaXt1S7Hqo0

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

Processes

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\images.jpg
1⤵
PID:4764

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2025

Terms | Privacy