Analysis
max time kernel: 39s
max time network: 46s
platform: windows10-2004_x64
resource: win10v2004-20220721-en
resource tags: arch:x64, arch:x86, image:win10v2004-20220721-en, locale:en-us, os:windows10-2004-x64, system
submitted: 03-08-2022 21:25
Behavioral task
behavioral1
Sample
Device/HarddiskVolume3/Program Files/Lumion 11.0/Channels/PanoUnique.dll
Resource
win7-20220715-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral2
Sample
Device/HarddiskVolume3/Program Files/Lumion 11.0/Channels/PanoUnique.dll
Resource
win10v2004-20220721-en
windows10-2004-x64
1 signatures
150 seconds
General
Target: Device/HarddiskVolume3/Program Files/Lumion 11.0/Channels/PanoUnique.dll
Size: 3.6MB
MD5: 740eade453fd3b02ccbfefacd41decff
SHA1: 9fb433963541b6cc507dfc4815f3709b4c107999
SHA256: aeefe48e2093e335d2f230c744e4df556f45a26ae88192486fc29f44a2077712
SHA512: 211c4cb1c1b96778b9b4d3a784e14dca2a0472bff4b7aa33f7b25c3055c23f1f0caaf1c12a31c18ad6c9f86c92e175d950c554721be2c8db57acfd8413851c3e
Score: 1/10
Malware Config
Signatures
Opens file in notepad (likely ransom note) 1 IoCs
Processes:
NOTEPAD.EXE
pid process
4232 NOTEPAD.EXE
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe "C:\Users\Admin\AppData\Local\Temp\Device\HarddiskVolume3\Program Files\Lumion 11.0\Channels\PanoUnique.dll",#11
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Desktop\UpdateBlock.inf1
- Opens file in notepad (likely ransom note)