Resubmissions
05-05-2022 16:22
220505-tt9c9sbafn 305-05-2022 16:08
220505-tlkd6sgch8 405-05-2022 16:06
220505-tj3sqsgch7 3Analysis
-
max time kernel
50s -
max time network
181s -
platform
windows10_x64 -
resource
win10-20220414-en -
submitted
05-05-2022 16:08
Behavioral task
behavioral1
Sample
GEONET FIRMWARE UPGRADE PROCEDURE 8800.pdf
Resource
win10-20220414-en
Behavioral task
behavioral2
Sample
GEONET FIRMWARE UPGRADE PROCEDURE 8800.pdf
Resource
win10v2004-20220414-en
Behavioral task
behavioral3
Sample
GeoNet Firmware Upgrade Procedure Pre-SN_2020800.pdf
Resource
win10-20220414-en
Behavioral task
behavioral4
Sample
GeoNet Firmware Upgrade Procedure Pre-SN_2020800.pdf
Resource
win10v2004-20220414-en
Behavioral task
behavioral5
Sample
GeoNet_Firmware_210721.txt
Resource
win10-20220414-en
Behavioral task
behavioral6
Sample
GeoNet_Firmware_210721.txt
Resource
win10v2004-20220414-en
General
-
Target
GeoNet_Firmware_210721.txt
-
Size
359KB
-
MD5
beed5a193358cfe11188b5dea677150d
-
SHA1
5c0ff4e665af7ae5dd5a8e8e937ea8520341796b
-
SHA256
c2d3afa9f9338154faa620e0f9bf7a572f22005f3cb1311a2b61737b1445755a
-
SHA512
d7a4a45cbbae534f01cf4ae24302076f3723697781653d1bd40a4196f2994abd49fa499dc02c1a32afb18b17cffc7b1eefcb619f718d0ebd3a5e126b2e90caf9
Malware Config
Signatures
-
Opens file in notepad (likely ransom note) 1 IoCs
Processes:
NOTEPAD.EXEpid process 2444 NOTEPAD.EXE