Analysis
max time kernel: 31s
max time network: 33s
platform: windows7_x64
resource: win7-20230220-en
resource tags: arch:x64, arch:x86, image:win7-20230220-en, locale:en-us, os:windows7-x64, system
submitted: 20-04-2023 01:47
Static task: static1
Behavioral task: behavioral1
Sample: bf2bf6c1eb02e36d39bb4e71b5d1aec62507c3b697c37401c9c8b3e05ea21184.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: bf2bf6c1eb02e36d39bb4e71b5d1aec62507c3b697c37401c9c8b3e05ea21184.exe
Resource: win10v2004-20230220-en
General
Target: bf2bf6c1eb02e36d39bb4e71b5d1aec62507c3b697c37401c9c8b3e05ea21184.exe
Size: 1001KB
MD5: 554266e72327bb2c3a46ec1ca0dfa484
SHA1: fd6b33165baf2a26e72f9b1a17c0880ba4ac4ceb
SHA256: bf2bf6c1eb02e36d39bb4e71b5d1aec62507c3b697c37401c9c8b3e05ea21184
SHA512: 596bd171b3dd48a07e2483273e59dff698325aad1b74f7f1bd4dca6a1f635e10a0dae90c60c0e770c662c5b60970a309b396c332d28bdc13fc405017bd3146bc
SSDEEP: 12288:KJddmOxpYT9HC/ywZYDeopyZvSwok586R8KrP11MCjKH1945EabrwYgFdkaDKRNf:UddmypY1cYbpyZv07Kr91M3V94574kb
Malware Config
Signatures
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.