Analysis
-
max time kernel
0s -
platform
windows7_x64 -
resource
win7-20220812-en -
resource tags
arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system -
submitted
10-09-2022 12:27
Static task
static1
Behavioral task
behavioral1
Sample
Password.txt
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
Password.txt
Resource
win10v2004-20220901-en
Behavioral task
behavioral3
Sample
Proxyscrape Key Generator By PJ/Bunifu_UI_v1.5.3.dll
Resource
win7-20220812-en
Behavioral task
behavioral4
Sample
Proxyscrape Key Generator By PJ/Bunifu_UI_v1.5.3.dll
Resource
win10v2004-20220812-en
Behavioral task
behavioral5
Sample
Proxyscrape Key Generator By PJ/Proxyscrape Key Generator.exe
Resource
win7-20220812-en
Behavioral task
behavioral6
Sample
Proxyscrape Key Generator By PJ/Proxyscrape Key Generator.exe
Resource
win10v2004-20220901-en
General
-
Target
Password.txt
-
Size
21B
-
MD5
bc3b330126c0cce1d76732346804ceff
-
SHA1
72b5e61a1121588460474d8be9a8962835826cbc
-
SHA256
acbd16c46b5f37ef33bc01c249e9095b72af7dbc9e9cd878a7de511551c18ba8
-
SHA512
d0af81d2619aceda4f57dc4ad460e348c70c22ab2171624539feaa4d69a3ba3f09789ddc798a85a2c2312bd062691d8006fe7d919a1b27a6ac81e5989512b3e2
Malware Config
Signatures
-
Opens file in notepad (likely ransom note) 1 IoCs
Processes:
NOTEPAD.EXEpid process 544 NOTEPAD.EXE
Processes
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/544-54-0x000007FEFBB21000-0x000007FEFBB23000-memory.dmpFilesize
8KB