Overview

overview

4

Static

static

3

GEONET FIR...00.pdf

windows10_x64

4

GEONET FIR...00.pdf

windows10-2004_x64

1

GeoNet Fir...00.pdf

windows10_x64

1

GeoNet Fir...00.pdf

windows10-2004_x64

1

GeoNet_Fir...21.txt

windows10_x64

1

GeoNet_Fir...21.txt

windows10-2004_x64

1

Resubmissions

05-05-2022 16:22

220505-tt9c9sbafn 3

05-05-2022 16:08

220505-tlkd6sgch8 4

05-05-2022 16:06

220505-tj3sqsgch7 3

Analysis

  • max time kernel
    50s
  • max time network
    181s
  • platform
    windows10_x64
  • resource
    win10-20220414-en
  • submitted
    05-05-2022 16:08

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    GeoNet_Firmware_210721.txt

  • Size

    359KB

  • MD5

    beed5a193358cfe11188b5dea677150d

  • SHA1

    5c0ff4e665af7ae5dd5a8e8e937ea8520341796b

  • SHA256

    c2d3afa9f9338154faa620e0f9bf7a572f22005f3cb1311a2b61737b1445755a

  • SHA512

    d7a4a45cbbae534f01cf4ae24302076f3723697781653d1bd40a4196f2994abd49fa499dc02c1a32afb18b17cffc7b1eefcb619f718d0ebd3a5e126b2e90caf9

Score
1/10

Malware Config

Signatures

  • Opens file in notepad (likely ransom note) 1 IoCs
    ransomware

Processes

  • C:\Windows\system32\NOTEPAD.EXE
    C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\GeoNet_Firmware_210721.txt
    1⤵
    • Opens file in notepad (likely ransom note)
    PID:2444

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads