e7c7f815a6018adfef0711b49919e998d6ddcaa4a06e97969d9f3b0993f6f17b | Triage

Submit
Reports

Overview

overview

4

Static

static

1

18.rar

windows10-2004-x64

4

18/Packs-X...01.png

windows10-2004-x64

3

18/Packs-X...02.jpg

windows10-2004-x64

3

18/Packs-X...03.jpg

windows10-2004-x64

3

18/Packs-X...04.jpg

windows10-2004-x64

3

18/Packs-X...05.jpg

windows10-2004-x64

3

18/Packs-X...06.jpg

windows10-2004-x64

3

18/Packs-X...07.jpg

windows10-2004-x64

3

18/Packs-X...08.jpg

windows10-2004-x64

3

18/Packs-X...09.jpg

windows10-2004-x64

3

18/Packs-X...10.jpg

windows10-2004-x64

3

18/Packs-X...11.jpg

windows10-2004-x64

3

18/Packs-X...12.jpg

windows10-2004-x64

3

18/Packs-X...13.jpg

windows10-2004-x64

3

18/Packs-X...14.jpg

windows10-2004-x64

3

18/Packs-X...15.jpg

windows10-2004-x64

3

18/Packs-X...16.jpg

windows10-2004-x64

3

18/Packs-X...17.jpg

windows10-2004-x64

3

18/Packs-X...18.jpg

windows10-2004-x64

3

18/Packs-X...19.jpg

windows10-2004-x64

3

18/Packs-X...20.jpg

windows10-2004-x64

3

18/Packs-X...21.jpg

windows10-2004-x64

3

18/Packs-X...22.jpg

windows10-2004-x64

3

Analysis

max time kernel
1708s
max time network
1620s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
16-04-2023 17:56

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

18.rar

Resource

win10v2004-20230220-en

windows10-2004-x64

12 signatures

1800 seconds

Behavioral task

behavioral2

Sample

18/Packs-XXX.online--01.png

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

1800 seconds

Behavioral task

behavioral3

Sample

18/Packs-XXX.online--02.jpg

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

1800 seconds

Behavioral task

behavioral4

Sample

18/Packs-XXX.online--03.jpg

Resource

win10v2004-20230221-en

windows10-2004-x64

1 signatures

1800 seconds

Behavioral task

behavioral5

Sample

18/Packs-XXX.online--04.jpg

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

1800 seconds

Behavioral task

behavioral6

Sample

18/Packs-XXX.online--05.jpg

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

1800 seconds

Behavioral task

behavioral7

Sample

18/Packs-XXX.online--06.jpg

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

1800 seconds

Behavioral task

behavioral8

Sample

18/Packs-XXX.online--07.jpg

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

1800 seconds

Behavioral task

behavioral9

Sample

18/Packs-XXX.online--08.jpg

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

1800 seconds

Behavioral task

behavioral10

Sample

18/Packs-XXX.online--09.jpg

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

1800 seconds

Behavioral task

behavioral11

Sample

18/Packs-XXX.online--10.jpg

Resource

win10v2004-20230221-en

windows10-2004-x64

1 signatures

1800 seconds

Behavioral task

behavioral12

Sample

18/Packs-XXX.online--11.jpg

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

1800 seconds

Behavioral task

behavioral13

Sample

18/Packs-XXX.online--12.jpg

Resource

win10v2004-20230221-en

windows10-2004-x64

1 signatures

1800 seconds

Behavioral task

behavioral14

Sample

18/Packs-XXX.online--13.jpg

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

1800 seconds

Behavioral task

behavioral15

Sample

18/Packs-XXX.online--14.jpg

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

1800 seconds

Behavioral task

behavioral16

Sample

18/Packs-XXX.online--15.jpg

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

1800 seconds

Behavioral task

behavioral17

Sample

18/Packs-XXX.online--16.jpg

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

1800 seconds

Behavioral task

behavioral18

Sample

18/Packs-XXX.online--17.jpg

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

1800 seconds

Behavioral task

behavioral19

Sample

18/Packs-XXX.online--18.jpg

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

1800 seconds

Behavioral task

behavioral20

Sample

18/Packs-XXX.online--19.jpg

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

1800 seconds

Behavioral task

behavioral21

Sample

18/Packs-XXX.online--20.jpg

Resource

win10v2004-20230221-en

windows10-2004-x64

1 signatures

1800 seconds

Behavioral task

behavioral22

Sample

18/Packs-XXX.online--21.jpg

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

1800 seconds

Behavioral task

behavioral23

Sample

18/Packs-XXX.online--22.jpg

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

1800 seconds

Report Analysis Logs

General

Target

18/Packs-XXX.online--04.jpg
Size

158KB
MD5

c2b49c44bd25615522d0ce8ffdbdb033
SHA1

a29e4200c34a92f58e82be2a46435003efee10f2
SHA256

07cd6ab6c23716ad86ceacf326f1be2ffd8c0e47f3e502bc961df56ee82ce543
SHA512

4bb681e7903aee2c6eb93ddd4540d1d55b8cb92c369abd158a76e058c794d56027ab24fd37735f3d22884f6303e63e7a99b7914620d900d7a2a01e98a8931c88
SSDEEP

3072:yDkjR9D737nWy1fBkwWuJUqwYDFaK0WkM3Z:yDW5LnWGfBkPu3LM6J

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

Processes

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\18\Packs-XXX.online--04.jpg
1⤵
PID:3432

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2024

Terms | Privacy