Overview
overview
10Static
static
Document-1310.iso
windows7_x64
3Document-1310.iso
windows10-2004_x64
31662.ps1
windows7_x64
11662.ps1
windows10-2004_x64
10Scan_139.jpg
windows7_x64
3Scan_139.jpg
windows10-2004_x64
3Scan_139.jpg.lnk
windows7_x64
3Scan_139.jpg.lnk
windows10-2004_x64
10x.txt
windows7_x64
1x.txt
windows10-2004_x64
1Analysis
-
max time kernel
45s -
max time network
49s -
platform
windows7_x64 -
resource
win7-20220414-en -
submitted
02-06-2022 19:49
Static task
static1
Behavioral task
behavioral1
Sample
Document-1310.iso
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
Document-1310.iso
Resource
win10v2004-20220414-en
Behavioral task
behavioral3
Sample
1662.ps1
Resource
win7-20220414-en
Behavioral task
behavioral4
Sample
1662.ps1
Resource
win10v2004-20220414-en
Behavioral task
behavioral5
Sample
Scan_139.jpg
Resource
win7-20220414-en
Behavioral task
behavioral6
Sample
Scan_139.jpg
Resource
win10v2004-20220414-en
Behavioral task
behavioral7
Sample
Scan_139.jpg.lnk
Resource
win7-20220414-en
Behavioral task
behavioral8
Sample
Scan_139.jpg.lnk
Resource
win10v2004-20220414-en
Behavioral task
behavioral9
Sample
x.txt
Resource
win7-20220414-en
Behavioral task
behavioral10
Sample
x.txt
Resource
win10v2004-20220414-en
General
-
Target
x.txt
-
Size
289B
-
MD5
072009e7e44a2a75b9c9398e5263cc04
-
SHA1
07649472a1ab42cf1d29de040f3adf1cd7bb21fa
-
SHA256
56e9baf765a043889efa1695e48d342057bb3e70adc723cbd96135fe1764fd3e
-
SHA512
b67c426b9f4e0d070c526e1c060d271c3875f0f9ba58e782ff78aec02b3a7f2a34b551f43e97947fecebca3ea337e08eedcc29a4583a3ad6d42e74d60bb7be6d
Malware Config
Signatures
-
Opens file in notepad (likely ransom note) 1 IoCs
Processes:
NOTEPAD.EXEpid process 1684 NOTEPAD.EXE
Processes
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/1684-54-0x000007FEFBC11000-0x000007FEFBC13000-memory.dmpFilesize
8KB