9d0d752f809a9b188da41682b5c79451f96b27e01e27f9ab800964e2e36e368a | Triage

Submit
Reports

Overview

overview

5

Static

static

1

de47539d-3...43.eml

windows7-x64

5

de47539d-3...43.eml

windows10-2004-x64

3

RFQ items ...ct.zip

windows7-x64

1

RFQ items ...ct.zip

windows10-2004-x64

1

RFQ ORDER ...F.html

windows7-x64

1

RFQ ORDER ...F.html

windows10-2004-x64

1

bd24f84b26...ab.png

windows7-x64

3

bd24f84b26...ab.png

windows10-2004-x64

3

email-html-1.html

windows7-x64

1

email-html-1.html

windows10-2004-x64

1

Analysis

max time kernel
83s
max time network
146s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
14-04-2023 08:49

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

de47539d-3982-3cdb-8706-ff439a032943.eml

Resource

win7-20230220-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

de47539d-3982-3cdb-8706-ff439a032943.eml

Resource

win10v2004-20230220-en

windows10-2004-x64

4 signatures

150 seconds

Behavioral task

behavioral3

Sample

RFQ items 2023 Contract.zip

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

RFQ items 2023 Contract.zip

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

RFQ ORDER LIST_EXCEL_PDF.html

Resource

win7-20230220-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral6

Sample

RFQ ORDER LIST_EXCEL_PDF.html

Resource

win10v2004-20230221-en

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral7

Sample

bd24f84b26005c357004731f3f0cfeab.png

Resource

win7-20230220-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral8

Sample

bd24f84b26005c357004731f3f0cfeab.png

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral9

Sample

email-html-1.html

Resource

win7-20230220-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral10

Sample

email-html-1.html

Resource

win10v2004-20230220-en

windows10-2004-x64

5 signatures

150 seconds

Report Analysis Logs

General

Target

bd24f84b26005c357004731f3f0cfeab.png
Size

3KB
MD5

e161b25fe111e32b16fbb9749549c645
SHA1

8cc546ab817cd249e7853e7eba93a8457cf2aa72
SHA256

5e4005a2de27c66f120f6b3db39bd398b69c0ee62dace8f0c966999a0bbf9c60
SHA512

a21629bd54e1c7bf154bb4eb792877c9fa1097f6a52233557267ef5690a6a00425f82b2a400760baab8ee56ce7a07316959cec47e72bca9bd0ce0d76e8e5df71

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

Processes

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\bd24f84b26005c357004731f3f0cfeab.png
1⤵
PID:932

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2024

Terms | Privacy