e7c7f815a6018adfef0711b49919e998d6ddcaa4a06e97969d9f3b0993f6f17b | Triage

Submit
Reports

Overview

overview

4

Static

static

1

18.rar

windows10-2004-x64

4

18/Packs-X...01.png

windows10-2004-x64

3

18/Packs-X...02.jpg

windows10-2004-x64

3

18/Packs-X...03.jpg

windows10-2004-x64

3

18/Packs-X...04.jpg

windows10-2004-x64

3

18/Packs-X...05.jpg

windows10-2004-x64

3

18/Packs-X...06.jpg

windows10-2004-x64

3

18/Packs-X...07.jpg

windows10-2004-x64

3

18/Packs-X...08.jpg

windows10-2004-x64

3

18/Packs-X...09.jpg

windows10-2004-x64

3

18/Packs-X...10.jpg

windows10-2004-x64

3

18/Packs-X...11.jpg

windows10-2004-x64

3

18/Packs-X...12.jpg

windows10-2004-x64

3

18/Packs-X...13.jpg

windows10-2004-x64

3

18/Packs-X...14.jpg

windows10-2004-x64

3

18/Packs-X...15.jpg

windows10-2004-x64

3

18/Packs-X...16.jpg

windows10-2004-x64

3

18/Packs-X...17.jpg

windows10-2004-x64

3

18/Packs-X...18.jpg

windows10-2004-x64

3

18/Packs-X...19.jpg

windows10-2004-x64

3

18/Packs-X...20.jpg

windows10-2004-x64

3

18/Packs-X...21.jpg

windows10-2004-x64

3

18/Packs-X...22.jpg

windows10-2004-x64

3

Analysis

max time kernel
1799s
max time network
1211s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
16-04-2023 17:56

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

18.rar

Resource

win10v2004-20230220-en

windows10-2004-x64

12 signatures

1800 seconds

Behavioral task

behavioral2

Sample

18/Packs-XXX.online--01.png

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

1800 seconds

Behavioral task

behavioral3

Sample

18/Packs-XXX.online--02.jpg

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

1800 seconds

Behavioral task

behavioral4

Sample

18/Packs-XXX.online--03.jpg

Resource

win10v2004-20230221-en

windows10-2004-x64

1 signatures

1800 seconds

Behavioral task

behavioral5

Sample

18/Packs-XXX.online--04.jpg

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

1800 seconds

Behavioral task

behavioral6

Sample

18/Packs-XXX.online--05.jpg

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

1800 seconds

Behavioral task

behavioral7

Sample

18/Packs-XXX.online--06.jpg

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

1800 seconds

Behavioral task

behavioral8

Sample

18/Packs-XXX.online--07.jpg

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

1800 seconds

Behavioral task

behavioral9

Sample

18/Packs-XXX.online--08.jpg

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

1800 seconds

Behavioral task

behavioral10

Sample

18/Packs-XXX.online--09.jpg

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

1800 seconds

Behavioral task

behavioral11

Sample

18/Packs-XXX.online--10.jpg

Resource

win10v2004-20230221-en

windows10-2004-x64

1 signatures

1800 seconds

Behavioral task

behavioral12

Sample

18/Packs-XXX.online--11.jpg

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

1800 seconds

Behavioral task

behavioral13

Sample

18/Packs-XXX.online--12.jpg

Resource

win10v2004-20230221-en

windows10-2004-x64

1 signatures

1800 seconds

Behavioral task

behavioral14

Sample

18/Packs-XXX.online--13.jpg

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

1800 seconds

Behavioral task

behavioral15

Sample

18/Packs-XXX.online--14.jpg

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

1800 seconds

Behavioral task

behavioral16

Sample

18/Packs-XXX.online--15.jpg

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

1800 seconds

Behavioral task

behavioral17

Sample

18/Packs-XXX.online--16.jpg

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

1800 seconds

Behavioral task

behavioral18

Sample

18/Packs-XXX.online--17.jpg

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

1800 seconds

Behavioral task

behavioral19

Sample

18/Packs-XXX.online--18.jpg

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

1800 seconds

Behavioral task

behavioral20

Sample

18/Packs-XXX.online--19.jpg

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

1800 seconds

Behavioral task

behavioral21

Sample

18/Packs-XXX.online--20.jpg

Resource

win10v2004-20230221-en

windows10-2004-x64

1 signatures

1800 seconds

Behavioral task

behavioral22

Sample

18/Packs-XXX.online--21.jpg

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

1800 seconds

Behavioral task

behavioral23

Sample

18/Packs-XXX.online--22.jpg

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

1800 seconds

Report Analysis Logs

General

Target

18/Packs-XXX.online--18.jpg
Size

125KB
MD5

596891465b4e3db94658df1a5f33a89e
SHA1

4d556d9e3f45dd11128ae6e802448db125646c07
SHA256

740f74f2f9d73daabbd1810095685f7542d2444d0f709bbe1d47f929e8fdb4a5
SHA512

5a433ec70e9c501136d653684801894e7d9ac97b000a3c1b4e4965de848d18119f1e0f1c759575a5816a103154fb57e320d27607330efc624505e0484010aea5
SSDEEP

3072:G1T36oNKLugMnLL73Fs9B/bhw0v2C4hz0F7NpXb0f7L1WHensTMi+H:236ogSgML3FsTDhw0+BW7NRo13iK

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

Processes

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\18\Packs-XXX.online--18.jpg
1⤵
PID:2240

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2024

Terms | Privacy